VulnerableCode Package Details - pkg:maven/org.jenkins-ci.plugins.workflow/workflow-cps-global-lib@561.va

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.jenkins-ci.plugins.workflow/workflow-cps-global-lib@561.va

purl	pkg:maven/org.jenkins-ci.plugins.workflow/workflow-cps-global-lib@561.va

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-a8d9-5365-qubn	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the same checkout directories for distinct SCMs for Pipeline libraries, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.	CVE-2022-25174 GHSA-g9fx-6j5c-grmw

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T15:59:56.402970+00:00	GHSA Importer	Fixing	VCID-a8d9-5365-qubn	https://github.com/advisories/GHSA-g9fx-6j5c-grmw	38.0.0
2026-04-01T13:06:27.355158+00:00	GithubOSV Importer	Fixing	VCID-a8d9-5365-qubn	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-g9fx-6j5c-grmw/GHSA-g9fx-6j5c-grmw.json	38.0.0