{"containers": {"cna": {"affected": [{"product": "Jenkins Pipeline: Groovy Plugin", "vendor": "Jenkins project", "versions": [{"lessThanOrEqual": "2648.va9433432b33c", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"status": "unaffected", "version": "2.94.1"}, {"status": "unaffected", "version": "2.92.1"}]}], "descriptions": [{"lang": "en", "value": "Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system."}], "providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2023-10-24T14:19:32.751Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "jenkinsci-cert@googlegroups.com", "ID": "CVE-2022-25176", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Jenkins Pipeline: Groovy Plugin", "version": {"version_data": [{"version_affected": "<=", "version_value": "2648.va9433432b33c"}, {"version_affected": "!", "version_value": "2.94.1"}, {"version_affected": "!", "version_value": "2.92.1"}]}}]}, "vendor_name": "Jenkins project"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')"}]}]}, "references": {"reference_data": [{"name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613", "refsource": "CONFIRM", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:36:05.777Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-15T17:09:28.760572Z", "id": "CVE-2022-25176", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-15T17:14:05.406Z"}}]}, "cveMetadata": {"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "assignerShortName": "jenkins", "cveId": "CVE-2022-25176", "datePublished": "2022-02-15T16:10:55", "dateReserved": "2022-02-15T00:00:00", "dateUpdated": "2024-10-15T17:14:05.406Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:36:05.777Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-25176", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-15T17:09:28.760572Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-15T17:11:03.668Z"}}], "cna": {"affected": [{"vendor": "Jenkins project", "product": "Jenkins Pipeline: Groovy Plugin", "versions": [{"status": "affected", "version": "unspecified", "versionType": "custom", "lessThanOrEqual": "2648.va9433432b33c"}, {"status": "unaffected", "version": "2.94.1"}, {"status": "unaffected", "version": "2.92.1"}]}], "references": [{"url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system."}], "providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2023-10-24T14:19:32.751Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "2648.va9433432b33c", "version_affected": "<="}, {"version_value": "2.94.1", "version_affected": "!"}, {"version_value": "2.92.1", "version_affected": "!"}]}, "product_name": "Jenkins Pipeline: Groovy Plugin"}]}, "vendor_name": "Jenkins project"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613", "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613", "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-25176", "STATE": "PUBLIC", "ASSIGNER": "jenkinsci-cert@googlegroups.com"}}}}, "cveMetadata": {"cveId": "CVE-2022-25176", "state": "PUBLISHED", "dateUpdated": "2024-10-15T17:14:05.406Z", "dateReserved": "2022-02-15T00:00:00", "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "datePublished": "2022-02-15T16:10:55", "assignerShortName": "jenkins"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:pipeline\\:_groovy:*:*:*:*:*:jenkins:*:*", "matchCriteriaId": "81A914EA-6F5A-4020-A379-471365BCEB60", "versionEndIncluding": "2648.va9433432b33c", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system."}, {"lang": "es", "value": "Jenkins Pipeline: Groovy Plugin versiones 2648.va9433432b33c y anteriores, sigue enlaces simb\u00f3licos a ubicaciones fuera del directorio de checkout para el SCM configurado cuando lee el archivo de script (t\u00edpicamente Jenkinsfile) para Pipelines, permitiendo a atacantes capaces de configurar Pipelines para leer archivos arbitrarios en el sistema de archivos del controlador de Jenkins"}], "id": "CVE-2022-25176", "lastModified": "2024-11-21T06:51:45.293", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-02-15T17:15:08.697", "references": [{"source": "jenkinsci-cert@googlegroups.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613"}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2022:1420", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "jenkins-2-plugins-0:3.11.1650371376-1.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2022-04-27T00:00:00Z"}, {"advisory": "RHSA-2022:1025", "cpe": "cpe:/a:redhat:openshift:4.10::el8", "package": "jenkins-2-plugins-0:4.10.1647505461-1.el8", "product_name": "Red Hat OpenShift Container Platform 4.10", "release_date": "2022-03-28T00:00:00Z"}, {"advisory": "RHSA-2022:1620", "cpe": "cpe:/a:redhat:openshift:4.6::el8", "package": "jenkins-2-plugins-0:4.6.1650364520-1.el8", "product_name": "Red Hat OpenShift Container Platform 4.6", "release_date": "2022-05-04T00:00:00Z"}, {"advisory": "RHSA-2022:1248", "cpe": "cpe:/a:redhat:openshift:4.7::el8", "package": "jenkins-2-plugins-0:4.7.1648800585-1.el8", "product_name": "Red Hat OpenShift Container Platform 4.7", "release_date": "2022-04-13T00:00:00Z"}, {"advisory": "RHSA-2022:0871", "cpe": "cpe:/a:redhat:openshift:4.8::el8", "package": "jenkins-2-plugins-0:4.8.1646993358-1.el8", "product_name": "Red Hat OpenShift Container Platform 4.8", "release_date": "2022-03-22T00:00:00Z"}, {"advisory": "RHSA-2022:1021", "cpe": "cpe:/a:redhat:openshift:4.9::el8", "package": "jenkins-2-plugins-0:4.9.1647580879-1.el8", "product_name": "Red Hat OpenShift Container Platform 4.9", "release_date": "2022-03-29T00:00:00Z"}], "bugzilla": {"description": "workflow-cps: Pipeline-related plugins follow symbolic links or do not limit path names", "id": "2055787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055787"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-59", "details": ["Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system.", "A flaw was found in Jenkins. The Pipeline: Groovy Plugin follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines. This flaw allows attackers who can configure Pipelines to read arbitrary files on the Jenkins controller file system."], "name": "CVE-2022-25176", "public_date": "2022-02-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-25176\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-25176"], "threat_severity": "Moderate"}