Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/jenkins-2-plugins@4.7.1648800585-1?arch=el8

Type rpm

Namespace redhat

Name jenkins-2-plugins

Version 4.7.1648800585-1

Qualifiers

arch	el8

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-3vqh-anad-xqbt

vulnerability_id

VCID-3vqh-anad-xqbt

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller JVM using specially crafted library names if a global Pipeline library is already configured.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25182.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25182.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-25182

reference_id

reference_type

scores

value	0.00292
scoring_system	epss
scoring_elements	0.52517
published_at	2026-04-29T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52592
published_at	2026-04-11T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52576
published_at	2026-04-12T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52561
published_at	2026-04-13T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52601
published_at	2026-04-16T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52608
published_at	2026-04-18T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52593
published_at	2026-04-21T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52543
published_at	2026-04-24T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52554
published_at	2026-04-26T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52501
published_at	2026-04-02T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52527
published_at	2026-04-04T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52494
published_at	2026-04-07T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52547
published_at	2026-04-08T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52541
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-25182

reference_url

https://github.com/jenkinsci/workflow-cps-global-lib-plugin/commit/ace0de3c2d691662021ea10306eeb407da6b6365

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/workflow-cps-global-lib-plugin/commit/ace0de3c2d691662021ea10306eeb407da6b6365

reference_url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2422

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:28:21Z/

url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2422

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2055798
reference_id	2055798
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2055798

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-25182

reference_id

CVE-2022-25182

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-25182

reference_url

https://github.com/advisories/GHSA-7rcw-fwfh-2h2g

reference_id

GHSA-7rcw-fwfh-2h2g

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-7rcw-fwfh-2h2g

reference_url	https://access.redhat.com/errata/RHSA-2022:0871
reference_id	RHSA-2022:0871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0871

reference_url	https://access.redhat.com/errata/RHSA-2022:1021
reference_id	RHSA-2022:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1021

reference_url	https://access.redhat.com/errata/RHSA-2022:1025
reference_id	RHSA-2022:1025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1025

reference_url	https://access.redhat.com/errata/RHSA-2022:1248
reference_id	RHSA-2022:1248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1248

reference_url	https://access.redhat.com/errata/RHSA-2022:1420
reference_id	RHSA-2022:1420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1420

reference_url	https://access.redhat.com/errata/RHSA-2022:1620
reference_id	RHSA-2022:1620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1620

fixed_packages

aliases

CVE-2022-25182, GHSA-7rcw-fwfh-2h2g

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-3vqh-anad-xqbt

url

VCID-41xr-8bvs-tucs

vulnerability_id

VCID-41xr-8bvs-tucs

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier uses distinct checkout directories per SCM for the readTrusted step, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25175.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25175.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-25175

reference_id

reference_type

scores

value	0.00421
scoring_system	epss
scoring_elements	0.62043
published_at	2026-04-29T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62028
published_at	2026-04-12T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62006
published_at	2026-04-13T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62049
published_at	2026-04-16T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62054
published_at	2026-04-18T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62037
published_at	2026-04-21T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62034
published_at	2026-04-24T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.6205
published_at	2026-04-26T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61949
published_at	2026-04-02T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61981
published_at	2026-04-04T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61951
published_at	2026-04-07T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62
published_at	2026-04-08T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62017
published_at	2026-04-09T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62038
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-25175

reference_url

https://github.com/jenkinsci/workflow-multibranch-plugin/commit/71c3f0a6ccdb2ba43f43686826b0d62160df85e8

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/workflow-multibranch-plugin/commit/71c3f0a6ccdb2ba43f43686826b0d62160df85e8

reference_url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2463

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2463

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2055719
reference_id	2055719
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2055719

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-25175

reference_id

CVE-2022-25175

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-25175

reference_url

https://github.com/advisories/GHSA-pj84-qjm3-77mg

reference_id

GHSA-pj84-qjm3-77mg

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-pj84-qjm3-77mg

reference_url	https://access.redhat.com/errata/RHSA-2022:0871
reference_id	RHSA-2022:0871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0871

reference_url	https://access.redhat.com/errata/RHSA-2022:1021
reference_id	RHSA-2022:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1021

reference_url	https://access.redhat.com/errata/RHSA-2022:1025
reference_id	RHSA-2022:1025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1025

reference_url	https://access.redhat.com/errata/RHSA-2022:1248
reference_id	RHSA-2022:1248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1248

reference_url	https://access.redhat.com/errata/RHSA-2022:1420
reference_id	RHSA-2022:1420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1420

reference_url	https://access.redhat.com/errata/RHSA-2022:1620
reference_id	RHSA-2022:1620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1620

fixed_packages

aliases

CVE-2022-25175, GHSA-pj84-qjm3-77mg

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-41xr-8bvs-tucs

url

VCID-a8d9-5365-qubn

vulnerability_id

VCID-a8d9-5365-qubn

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the same checkout directories for distinct SCMs for Pipeline libraries, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25174.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25174.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-25174

reference_id

reference_type

scores

value	0.00219
scoring_system	epss
scoring_elements	0.44369
published_at	2026-04-29T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44562
published_at	2026-04-09T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44579
published_at	2026-04-11T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44549
published_at	2026-04-12T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.4455
published_at	2026-04-13T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44607
published_at	2026-04-16T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44599
published_at	2026-04-18T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.4453
published_at	2026-04-21T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44446
published_at	2026-04-24T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.4445
published_at	2026-04-26T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44545
published_at	2026-04-02T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44567
published_at	2026-04-04T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44507
published_at	2026-04-07T12:55:00Z

value	0.00219
scoring_system	epss
scoring_elements	0.44557
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-25174

reference_url

https://github.com/CVEProject/cvelist/blob/e19344451ce1c4a4181b9f094b8fd38cd8d86c9f/2022/25xxx/CVE-2022-25174.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/CVEProject/cvelist/blob/e19344451ce1c4a4181b9f094b8fd38cd8d86c9f/2022/25xxx/CVE-2022-25174.json

reference_url

https://github.com/jenkinsci/workflow-cps-global-lib-plugin/commit/ace0de3c2d691662021ea10306eeb407da6b6365

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/workflow-cps-global-lib-plugin/commit/ace0de3c2d691662021ea10306eeb407da6b6365

reference_url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2463

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2463

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2055734
reference_id	2055734
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2055734

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-25174

reference_id

CVE-2022-25174

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-25174

reference_url

https://github.com/advisories/GHSA-g9fx-6j5c-grmw

reference_id

GHSA-g9fx-6j5c-grmw

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-g9fx-6j5c-grmw

reference_url	https://access.redhat.com/errata/RHSA-2022:0871
reference_id	RHSA-2022:0871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0871

reference_url	https://access.redhat.com/errata/RHSA-2022:1021
reference_id	RHSA-2022:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1021

reference_url	https://access.redhat.com/errata/RHSA-2022:1025
reference_id	RHSA-2022:1025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1025

reference_url	https://access.redhat.com/errata/RHSA-2022:1248
reference_id	RHSA-2022:1248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1248

reference_url	https://access.redhat.com/errata/RHSA-2022:1420
reference_id	RHSA-2022:1420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1420

reference_url	https://access.redhat.com/errata/RHSA-2022:1620
reference_id	RHSA-2022:1620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1620

fixed_packages

aliases

CVE-2022-25174, GHSA-g9fx-6j5c-grmw

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-a8d9-5365-qubn

url

VCID-chux-mqkp-cfe5

vulnerability_id

VCID-chux-mqkp-cfe5

summary

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier does not restrict the names of resources passed to the libraryResource step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25178.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25178.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-25178

reference_id

reference_type

scores

value	0.00296
scoring_system	epss
scoring_elements	0.5286
published_at	2026-04-29T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52909
published_at	2026-04-12T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52893
published_at	2026-04-13T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.5293
published_at	2026-04-16T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52938
published_at	2026-04-18T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.5292
published_at	2026-04-21T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52887
published_at	2026-04-24T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52898
published_at	2026-04-26T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52835
published_at	2026-04-02T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52861
published_at	2026-04-04T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52829
published_at	2026-04-07T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.5288
published_at	2026-04-08T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52874
published_at	2026-04-09T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52925
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-25178

reference_url

https://github.com/jenkinsci/workflow-cps-global-lib-plugin

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/workflow-cps-global-lib-plugin

reference_url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2055789
reference_id	2055789
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2055789

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-25178

reference_id

CVE-2022-25178

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-25178

reference_url

https://github.com/advisories/GHSA-5hfv-mg5x-mv32

reference_id

GHSA-5hfv-mg5x-mv32

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5hfv-mg5x-mv32

reference_url	https://access.redhat.com/errata/RHSA-2022:0871
reference_id	RHSA-2022:0871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0871

reference_url	https://access.redhat.com/errata/RHSA-2022:1021
reference_id	RHSA-2022:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1021

reference_url	https://access.redhat.com/errata/RHSA-2022:1025
reference_id	RHSA-2022:1025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1025

reference_url	https://access.redhat.com/errata/RHSA-2022:1248
reference_id	RHSA-2022:1248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1248

reference_url	https://access.redhat.com/errata/RHSA-2022:1420
reference_id	RHSA-2022:1420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1420

reference_url	https://access.redhat.com/errata/RHSA-2022:1620
reference_id	RHSA-2022:1620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1620

fixed_packages

aliases

CVE-2022-25178, GHSA-5hfv-mg5x-mv32

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-chux-mqkp-cfe5

url

VCID-gv26-67cj-t3ae

vulnerability_id

VCID-gv26-67cj-t3ae

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the names of Pipeline libraries to create cache directories without any sanitization, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM using specially crafted library names if a global Pipeline library configured to use caching already exists.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25183.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25183.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-25183

reference_id

reference_type

scores

value	0.00396
scoring_system	epss
scoring_elements	0.60455
published_at	2026-04-29T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60449
published_at	2026-04-12T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60429
published_at	2026-04-13T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.6047
published_at	2026-04-16T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60478
published_at	2026-04-18T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60469
published_at	2026-04-21T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60453
published_at	2026-04-24T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60467
published_at	2026-04-26T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60381
published_at	2026-04-02T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60409
published_at	2026-04-04T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60376
published_at	2026-04-07T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60425
published_at	2026-04-08T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60442
published_at	2026-04-09T12:55:00Z

value	0.00396
scoring_system	epss
scoring_elements	0.60462
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-25183

reference_url

https://github.com/jenkinsci/workflow-cps-global-lib-plugin/commit/ace0de3c2d691662021ea10306eeb407da6b6365

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/workflow-cps-global-lib-plugin/commit/ace0de3c2d691662021ea10306eeb407da6b6365

reference_url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2586

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2586

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2055802
reference_id	2055802
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2055802

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-25183

reference_id

CVE-2022-25183

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-25183

reference_url

https://github.com/advisories/GHSA-pfwp-q984-w7wh

reference_id

GHSA-pfwp-q984-w7wh

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-pfwp-q984-w7wh

reference_url	https://access.redhat.com/errata/RHSA-2022:0871
reference_id	RHSA-2022:0871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0871

reference_url	https://access.redhat.com/errata/RHSA-2022:1021
reference_id	RHSA-2022:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1021

reference_url	https://access.redhat.com/errata/RHSA-2022:1025
reference_id	RHSA-2022:1025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1025

reference_url	https://access.redhat.com/errata/RHSA-2022:1248
reference_id	RHSA-2022:1248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1248

reference_url	https://access.redhat.com/errata/RHSA-2022:1420
reference_id	RHSA-2022:1420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1420

reference_url	https://access.redhat.com/errata/RHSA-2022:1620
reference_id	RHSA-2022:1620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1620

fixed_packages

aliases

CVE-2022-25183, GHSA-pfwp-q984-w7wh

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-gv26-67cj-t3ae

url

VCID-h57k-wsgx-4kbr

vulnerability_id

VCID-h57k-wsgx-4kbr

summary

Improper Link Resolution Before File Access ('Link Following')
Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25179.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25179.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-25179

reference_id

reference_type

scores

value	0.01569
scoring_system	epss
scoring_elements	0.81595
published_at	2026-04-29T12:55:00Z

value	0.01569
scoring_system	epss
scoring_elements	0.81539
published_at	2026-04-11T12:55:00Z

value	0.01569
scoring_system	epss
scoring_elements	0.81526
published_at	2026-04-12T12:55:00Z

value	0.01569
scoring_system	epss
scoring_elements	0.81556
published_at	2026-04-16T12:55:00Z

value	0.01569
scoring_system	epss
scoring_elements	0.81557
published_at	2026-04-18T12:55:00Z

value	0.01569
scoring_system	epss
scoring_elements	0.81559
published_at	2026-04-21T12:55:00Z

value	0.01569
scoring_system	epss
scoring_elements	0.81581
published_at	2026-04-24T12:55:00Z

value	0.01569
scoring_system	epss
scoring_elements	0.8159
published_at	2026-04-26T12:55:00Z

value	0.01569
scoring_system	epss
scoring_elements	0.81466
published_at	2026-04-02T12:55:00Z

value	0.01569
scoring_system	epss
scoring_elements	0.81488
published_at	2026-04-04T12:55:00Z

value	0.01569
scoring_system	epss
scoring_elements	0.81485
published_at	2026-04-07T12:55:00Z

value	0.01569
scoring_system	epss
scoring_elements	0.81513
published_at	2026-04-08T12:55:00Z

value	0.01569
scoring_system	epss
scoring_elements	0.81519
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-25179

reference_url

https://github.com/CVEProject/cvelist/blob/00bfb5abeecc9f553a2f42954ee540e493498ee9/2022/25xxx/CVE-2022-25179.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/CVEProject/cvelist/blob/00bfb5abeecc9f553a2f42954ee540e493498ee9/2022/25xxx/CVE-2022-25179.json

reference_url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2055792
reference_id	2055792
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2055792

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-25179

reference_id

CVE-2022-25179

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-25179

reference_url

https://github.com/advisories/GHSA-2m9w-9xh2-wxc3

reference_id

GHSA-2m9w-9xh2-wxc3

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-2m9w-9xh2-wxc3

reference_url	https://access.redhat.com/errata/RHSA-2022:0871
reference_id	RHSA-2022:0871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0871

reference_url	https://access.redhat.com/errata/RHSA-2022:1021
reference_id	RHSA-2022:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1021

reference_url	https://access.redhat.com/errata/RHSA-2022:1025
reference_id	RHSA-2022:1025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1025

reference_url	https://access.redhat.com/errata/RHSA-2022:1248
reference_id	RHSA-2022:1248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1248

reference_url	https://access.redhat.com/errata/RHSA-2022:1420
reference_id	RHSA-2022:1420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1420

reference_url	https://access.redhat.com/errata/RHSA-2022:1620
reference_id	RHSA-2022:1620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1620

fixed_packages

aliases

CVE-2022-25179, GHSA-2m9w-9xh2-wxc3

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-h57k-wsgx-4kbr

url

VCID-hp27-w6wh-3ya6

vulnerability_id

VCID-hp27-w6wh-3ya6

summary

Password parameter default values exposed by Jenkins Pipeline: Build Step Plugin
Jenkins Pipeline: Build Step Plugin 2.15 and earlier reveals password parameter default values when generating a pipeline script using the Pipeline Snippet Generator, allowing attackers with Item/Read permission to retrieve the default password parameter value from jobs.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25184.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25184.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-25184

reference_id

reference_type

scores

value	0.00088
scoring_system	epss
scoring_elements	0.25049
published_at	2026-04-29T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25269
published_at	2026-04-09T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25284
published_at	2026-04-11T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25242
published_at	2026-04-12T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25189
published_at	2026-04-13T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25198
published_at	2026-04-16T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25188
published_at	2026-04-18T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25157
published_at	2026-04-21T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25105
published_at	2026-04-24T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25094
published_at	2026-04-26T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25338
published_at	2026-04-02T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25378
published_at	2026-04-04T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25155
published_at	2026-04-07T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25224
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-25184

reference_url

https://github.com/jenkinsci/pipeline-build-step-plugin

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/pipeline-build-step-plugin

reference_url

https://github.com/jenkinsci/pipeline-build-step-plugin/commit/c06f65425fe9696d2237f591959dd4b5c6083fd9

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/pipeline-build-step-plugin/commit/c06f65425fe9696d2237f591959dd4b5c6083fd9

reference_url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2519

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2519

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2055804
reference_id	2055804
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2055804

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-25184

reference_id

CVE-2022-25184

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-25184

reference_url

https://github.com/advisories/GHSA-g84f-cmc8-682c

reference_id

GHSA-g84f-cmc8-682c

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-g84f-cmc8-682c

reference_url	https://access.redhat.com/errata/RHSA-2022:0871
reference_id	RHSA-2022:0871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0871

reference_url	https://access.redhat.com/errata/RHSA-2022:1021
reference_id	RHSA-2022:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1021

reference_url	https://access.redhat.com/errata/RHSA-2022:1025
reference_id	RHSA-2022:1025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1025

reference_url	https://access.redhat.com/errata/RHSA-2022:1248
reference_id	RHSA-2022:1248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1248

reference_url	https://access.redhat.com/errata/RHSA-2022:1420
reference_id	RHSA-2022:1420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1420

reference_url	https://access.redhat.com/errata/RHSA-2022:1620
reference_id	RHSA-2022:1620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1620

fixed_packages

aliases

CVE-2022-25184, GHSA-g84f-cmc8-682c

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-hp27-w6wh-3ya6

url

VCID-jj9c-e7k7-aqea

vulnerability_id

VCID-jj9c-e7k7-aqea

summary

Improper Link Resolution Before File Access ('Link Following')
Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25176.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25176.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-25176

reference_id

reference_type

scores

value	0.00642
scoring_system	epss
scoring_elements	0.70687
published_at	2026-04-29T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.706
published_at	2026-04-09T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70622
published_at	2026-04-11T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70608
published_at	2026-04-12T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70594
published_at	2026-04-13T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70639
published_at	2026-04-16T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70648
published_at	2026-04-18T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70626
published_at	2026-04-21T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70677
published_at	2026-04-24T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70545
published_at	2026-04-02T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70562
published_at	2026-04-04T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70539
published_at	2026-04-07T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70585
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-25176

reference_url

https://github.com/jenkinsci/workflow-cps-plugin

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/workflow-cps-plugin

reference_url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:28Z/

url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2055787
reference_id	2055787
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2055787

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-25176

reference_id

CVE-2022-25176

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-25176

reference_url

https://github.com/advisories/GHSA-6473-gqrj-4p65

reference_id

GHSA-6473-gqrj-4p65

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-6473-gqrj-4p65

reference_url	https://access.redhat.com/errata/RHSA-2022:0871
reference_id	RHSA-2022:0871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0871

reference_url	https://access.redhat.com/errata/RHSA-2022:1021
reference_id	RHSA-2022:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1021

reference_url	https://access.redhat.com/errata/RHSA-2022:1025
reference_id	RHSA-2022:1025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1025

reference_url	https://access.redhat.com/errata/RHSA-2022:1248
reference_id	RHSA-2022:1248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1248

reference_url	https://access.redhat.com/errata/RHSA-2022:1420
reference_id	RHSA-2022:1420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1420

reference_url	https://access.redhat.com/errata/RHSA-2022:1620
reference_id	RHSA-2022:1620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1620

fixed_packages

aliases

CVE-2022-25176, GHSA-6473-gqrj-4p65

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-jj9c-e7k7-aqea

url

VCID-m4y6-523t-v7ft

vulnerability_id

VCID-m4y6-523t-v7ft

summary

Insufficiently Protected Credentials
Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier includes password parameters from the original build in replayed builds, allowing attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25180.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25180.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-25180

reference_id

reference_type

scores

value	0.0004
scoring_system	epss
scoring_elements	0.12109
published_at	2026-04-29T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12306
published_at	2026-04-12T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12268
published_at	2026-04-13T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12162
published_at	2026-04-16T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12165
published_at	2026-04-18T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12271
published_at	2026-04-21T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12252
published_at	2026-04-24T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12219
published_at	2026-04-26T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.1236
published_at	2026-04-02T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12406
published_at	2026-04-04T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12206
published_at	2026-04-07T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12286
published_at	2026-04-08T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12336
published_at	2026-04-09T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12344
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-25180

reference_url

https://github.com/jenkinsci/workflow-cps-plugin/commit/886676efdd711e126307ec70a539f2fe613151f9

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/workflow-cps-plugin/commit/886676efdd711e126307ec70a539f2fe613151f9

reference_url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2443

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2443

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2055795
reference_id	2055795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2055795

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-25180

reference_id

CVE-2022-25180

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-25180

reference_url

https://github.com/advisories/GHSA-qv6q-x9vr-w7j3

reference_id

GHSA-qv6q-x9vr-w7j3

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qv6q-x9vr-w7j3

reference_url	https://access.redhat.com/errata/RHSA-2022:0871
reference_id	RHSA-2022:0871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0871

reference_url	https://access.redhat.com/errata/RHSA-2022:1021
reference_id	RHSA-2022:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1021

reference_url	https://access.redhat.com/errata/RHSA-2022:1025
reference_id	RHSA-2022:1025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1025

reference_url	https://access.redhat.com/errata/RHSA-2022:1248
reference_id	RHSA-2022:1248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1248

reference_url	https://access.redhat.com/errata/RHSA-2022:1420
reference_id	RHSA-2022:1420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1420

reference_url	https://access.redhat.com/errata/RHSA-2022:1620
reference_id	RHSA-2022:1620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1620

fixed_packages

aliases

CVE-2022-25180, GHSA-qv6q-x9vr-w7j3

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-m4y6-523t-v7ft

url

VCID-msed-m3xv-rkfg

vulnerability_id

VCID-msed-m3xv-rkfg

summary

Improper Link Resolution Before File Access ('Link Following')
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier follows symbolic links to locations outside of the expected Pipeline library when reading files using the libraryResource step, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25177.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25177.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-25177

reference_id

reference_type

scores

value	0.00642
scoring_system	epss
scoring_elements	0.70687
published_at	2026-04-29T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70622
published_at	2026-04-11T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70608
published_at	2026-04-12T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70594
published_at	2026-04-13T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70639
published_at	2026-04-16T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70648
published_at	2026-04-18T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70626
published_at	2026-04-21T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70677
published_at	2026-04-24T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70545
published_at	2026-04-02T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70562
published_at	2026-04-04T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70539
published_at	2026-04-07T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.70585
published_at	2026-04-08T12:55:00Z

value	0.00642
scoring_system	epss
scoring_elements	0.706
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-25177

reference_url

https://github.com/jenkinsci/workflow-cps-global-lib-plugin

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/workflow-cps-global-lib-plugin

reference_url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2055788
reference_id	2055788
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2055788

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-25177

reference_id

CVE-2022-25177

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-25177

reference_url

https://github.com/advisories/GHSA-q234-x887-9rxh

reference_id

GHSA-q234-x887-9rxh

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-q234-x887-9rxh

reference_url	https://access.redhat.com/errata/RHSA-2022:0871
reference_id	RHSA-2022:0871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0871

reference_url	https://access.redhat.com/errata/RHSA-2022:1021
reference_id	RHSA-2022:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1021

reference_url	https://access.redhat.com/errata/RHSA-2022:1025
reference_id	RHSA-2022:1025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1025

reference_url	https://access.redhat.com/errata/RHSA-2022:1248
reference_id	RHSA-2022:1248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1248

reference_url	https://access.redhat.com/errata/RHSA-2022:1420
reference_id	RHSA-2022:1420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1420

reference_url	https://access.redhat.com/errata/RHSA-2022:1620
reference_id	RHSA-2022:1620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1620

fixed_packages

aliases

CVE-2022-25177, GHSA-q234-x887-9rxh

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-msed-m3xv-rkfg

url

VCID-s2j3-7pfj-buav

vulnerability_id

VCID-s2j3-7pfj-buav

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM through crafted SCM contents, if a global Pipeline library already exists.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25181.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25181.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-25181

reference_id

reference_type

scores

value	0.00292
scoring_system	epss
scoring_elements	0.52517
published_at	2026-04-29T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52576
published_at	2026-04-12T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52561
published_at	2026-04-13T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52601
published_at	2026-04-16T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52608
published_at	2026-04-18T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52593
published_at	2026-04-21T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52543
published_at	2026-04-24T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52554
published_at	2026-04-26T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52501
published_at	2026-04-02T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52527
published_at	2026-04-04T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52494
published_at	2026-04-07T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52547
published_at	2026-04-08T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52541
published_at	2026-04-09T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.52592
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-25181

reference_url

https://github.com/jenkinsci/workflow-cps-global-lib-plugin/commit/ace0de3c2d691662021ea10306eeb407da6b6365

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/workflow-cps-global-lib-plugin/commit/ace0de3c2d691662021ea10306eeb407da6b6365

reference_url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2441

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2441

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2055797
reference_id	2055797
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2055797

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-25181

reference_id

CVE-2022-25181

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-25181

reference_url

https://github.com/advisories/GHSA-7w2w-fwpf-9m4h

reference_id

GHSA-7w2w-fwpf-9m4h

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-7w2w-fwpf-9m4h

reference_url	https://access.redhat.com/errata/RHSA-2022:0871
reference_id	RHSA-2022:0871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0871

reference_url	https://access.redhat.com/errata/RHSA-2022:1021
reference_id	RHSA-2022:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1021

reference_url	https://access.redhat.com/errata/RHSA-2022:1025
reference_id	RHSA-2022:1025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1025

reference_url	https://access.redhat.com/errata/RHSA-2022:1248
reference_id	RHSA-2022:1248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1248

reference_url	https://access.redhat.com/errata/RHSA-2022:1420
reference_id	RHSA-2022:1420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1420

reference_url	https://access.redhat.com/errata/RHSA-2022:1620
reference_id	RHSA-2022:1620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1620

fixed_packages

aliases

CVE-2022-25181, GHSA-7w2w-fwpf-9m4h

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-s2j3-7pfj-buav

url

VCID-x5nw-w14p-juas

vulnerability_id

VCID-x5nw-w14p-juas

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier uses the same checkout directories for distinct SCMs when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25173.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25173.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-25173

reference_id

reference_type

scores

value	0.00184
scoring_system	epss
scoring_elements	0.39804
published_at	2026-04-29T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.4019
published_at	2026-04-11T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40114
published_at	2026-04-07T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40167
published_at	2026-04-08T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40179
published_at	2026-04-09T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40153
published_at	2026-04-12T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40134
published_at	2026-04-13T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40183
published_at	2026-04-16T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40154
published_at	2026-04-18T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40074
published_at	2026-04-21T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.39901
published_at	2026-04-24T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.39885
published_at	2026-04-26T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40165
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-25173

reference_url

https://github.com/CVEProject/cvelist/blob/3615f493b8a36ff15735fb9d79c9dc9e0d542695/2022/25xxx/CVE-2022-25173.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/CVEProject/cvelist/blob/3615f493b8a36ff15735fb9d79c9dc9e0d542695/2022/25xxx/CVE-2022-25173.json

reference_url

https://github.com/jenkinsci/workflow-cps-plugin/commit/f7ae7b75a457976853539bff1db52373b85fdb85

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/workflow-cps-plugin/commit/f7ae7b75a457976853539bff1db52373b85fdb85

reference_url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2463

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2463

reference_url

http://www.openwall.com/lists/oss-security/2022/02/15/2

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2022/02/15/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2055733
reference_id	2055733
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2055733

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-25173

reference_id

CVE-2022-25173

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-25173

reference_url

https://github.com/advisories/GHSA-4m7p-55jm-3vwv

reference_id

GHSA-4m7p-55jm-3vwv

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-4m7p-55jm-3vwv

reference_url	https://access.redhat.com/errata/RHSA-2022:0871
reference_id	RHSA-2022:0871
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0871

reference_url	https://access.redhat.com/errata/RHSA-2022:1021
reference_id	RHSA-2022:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1021

reference_url	https://access.redhat.com/errata/RHSA-2022:1025
reference_id	RHSA-2022:1025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1025

reference_url	https://access.redhat.com/errata/RHSA-2022:1248
reference_id	RHSA-2022:1248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1248

reference_url	https://access.redhat.com/errata/RHSA-2022:1420
reference_id	RHSA-2022:1420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1420

reference_url	https://access.redhat.com/errata/RHSA-2022:1620
reference_id	RHSA-2022:1620
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1620

fixed_packages

aliases

CVE-2022-25173, GHSA-4m7p-55jm-3vwv

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-x5nw-w14p-juas

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.7.1648800585-1%3Farch=el8

Package Instance