[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-25175":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":40,"aliases":41,"duplicate_of":9,"upstream":43,"downstream":44,"duplicates":57,"related":58,"reserved_at":9,"published_at":59,"modified_at":60,"state":61,"summary":62,"references_raw":71,"kevs":90,"epss":91,"epss_history":94,"metrics":352,"affected":365},"CVE-2022-25175","Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier uses the same checkout directories for distinct SCMs for the readTrusted step, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-78","Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.","weakness","Stable","Base","High",[20,24,28,32,36],{"id":21,"name":22,"techniques":23},"CAPEC-108","Command Line Execution through SQL Injection",[],{"id":25,"name":26,"techniques":27},"CAPEC-15","Command Delimiters",[],{"id":29,"name":30,"techniques":31},"CAPEC-43","Exploiting Multiple Input Interpretation Layers",[],{"id":33,"name":34,"techniques":35},"CAPEC-6","Argument Injection",[],{"id":37,"name":38,"techniques":39},"CAPEC-88","OS Command Injection",[],[],[42],"GHSA-pj84-qjm3-77mg",[],[45,47,49,51,53,55],{"_key":46},"RHSA-2022:0871",{"_key":48},"RHSA-2022:1021",{"_key":50},"RHSA-2022:1025",{"_key":52},"RHSA-2022:1248",{"_key":54},"RHSA-2022:1420",{"_key":56},"RHSA-2022:1620",[],[],"2022-02-15T00:00:00.000Z","2024-08-03T04:36:06.194Z","Modified",{"cisa_kev":63,"cisa_ransomware":63,"cisa_vendor":9,"epss_severity":64,"epss_score":65,"severity":66,"severity_score":67,"severity_version":68,"severity_source":69,"severity_vector":70,"severity_status":61},false,"low",0.00421,"high",8.8,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[72,81,86],{"url":73,"sources":74,"tags":77},"https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2463",[75,69,76],"cve.org","osv_maven",[78,79,80],"Patch","Vendor Advisory","WEB",{"url":82,"sources":83,"tags":84},"https://nvd.nist.gov/vuln/detail/CVE-2022-25175",[76],[85],"Advisory",{"url":87,"sources":88,"tags":89},"https://github.com/jenkinsci/workflow-multibranch-plugin/commit/71c3f0a6ccdb2ba43f43686826b0d62160df85e8",[76],[80],[],{"date":92,"score":65,"percentile":93},"2026-06-04",0.62327,[95,99,103,106,109,112,115,118,121,124,127,130,133,136,139,143,146,149,152,154,156,158,160,163,165,168,171,173,176,179,181,184,187,189,193,196,199,202,205,208,211,214,216,219,222,225,228,230,233,235,238,241,244,246,250,253,256,259,262,265,268,271,274,277,279,283,286,289,292,295,298,301,303,305,308,311,314,317,319,321,324,327,330,333,336,339,342,345,347,349],{"date":96,"score":97,"percentile":98},"2025-11-04",0.03125,0.86326,{"date":100,"score":101,"percentile":102},"2025-11-05",0.0358,0.87238,{"date":104,"score":101,"percentile":105},"2025-11-06",0.87235,{"date":107,"score":101,"percentile":108},"2025-11-07",0.87243,{"date":110,"score":101,"percentile":111},"2025-11-08",0.87247,{"date":113,"score":101,"percentile":114},"2025-11-09",0.8724,{"date":116,"score":101,"percentile":117},"2025-11-10",0.87239,{"date":119,"score":101,"percentile":120},"2025-11-11",0.87245,{"date":122,"score":101,"percentile":123},"2025-11-12",0.87251,{"date":125,"score":101,"percentile":126},"2025-11-13",0.87256,{"date":128,"score":101,"percentile":129},"2025-11-14",0.87258,{"date":131,"score":101,"percentile":132},"2025-11-15",0.87253,{"date":134,"score":101,"percentile":135},"2025-11-16",0.87257,{"date":137,"score":101,"percentile":138},"2025-11-17",0.87254,{"date":140,"score":141,"percentile":142},"2025-11-18",0.0498,0.88637,{"date":144,"score":141,"percentile":145},"2025-11-19",0.88641,{"date":147,"score":141,"percentile":148},"2025-11-20",0.88645,{"date":150,"score":101,"percentile":151},"2025-11-21",0.87263,{"date":153,"score":101,"percentile":135},"2025-11-22",{"date":155,"score":101,"percentile":138},"2025-11-23",{"date":157,"score":101,"percentile":126},"2025-11-24",{"date":159,"score":101,"percentile":126},"2025-11-25",{"date":161,"score":101,"percentile":162},"2025-11-26",0.87255,{"date":164,"score":101,"percentile":135},"2025-11-27",{"date":166,"score":101,"percentile":167},"2025-11-28",0.87246,{"date":169,"score":101,"percentile":170},"2025-11-29",0.87319,{"date":172,"score":101,"percentile":170},"2025-11-30",{"date":174,"score":101,"percentile":175},"2025-12-01",0.87382,{"date":177,"score":101,"percentile":178},"2025-12-02",0.87383,{"date":180,"score":101,"percentile":175},"2025-12-03",{"date":182,"score":101,"percentile":183},"2025-12-04",0.87317,{"date":185,"score":101,"percentile":186},"2025-12-05",0.8732,{"date":188,"score":101,"percentile":183},"2025-12-06",{"date":190,"score":191,"percentile":192},"2025-12-07",0.03403,0.86986,{"date":194,"score":191,"percentile":195},"2025-12-08",0.86987,{"date":197,"score":191,"percentile":198},"2025-12-09",0.86995,{"date":200,"score":191,"percentile":201},"2025-12-10",0.87014,{"date":203,"score":191,"percentile":204},"2025-12-11",0.8702,{"date":206,"score":191,"percentile":207},"2025-12-12",0.87024,{"date":209,"score":191,"percentile":210},"2025-12-13",0.87021,{"date":212,"score":191,"percentile":213},"2025-12-14",0.87015,{"date":215,"score":191,"percentile":201},"2025-12-15",{"date":217,"score":191,"percentile":218},"2025-12-16",0.87022,{"date":220,"score":191,"percentile":221},"2025-12-17",0.87027,{"date":223,"score":191,"percentile":224},"2025-12-18",0.87035,{"date":226,"score":191,"percentile":227},"2025-12-19",0.87037,{"date":229,"score":191,"percentile":224},"2025-12-20",{"date":231,"score":191,"percentile":232},"2025-12-21",0.87036,{"date":234,"score":191,"percentile":224},"2025-12-22",{"date":236,"score":191,"percentile":237},"2025-12-23",0.87038,{"date":239,"score":191,"percentile":240},"2025-12-24",0.87044,{"date":242,"score":191,"percentile":243},"2025-12-25",0.87057,{"date":245,"score":191,"percentile":243},"2025-12-26",{"date":247,"score":248,"percentile":249},"2025-12-27",0.01881,0.82742,{"date":251,"score":248,"percentile":252},"2025-12-28",0.82694,{"date":254,"score":248,"percentile":255},"2025-12-29",0.82689,{"date":257,"score":248,"percentile":258},"2025-12-30",0.82696,{"date":260,"score":248,"percentile":261},"2025-12-31",0.8271,{"date":263,"score":248,"percentile":264},"2026-01-01",0.82782,{"date":266,"score":248,"percentile":267},"2026-01-02",0.82777,{"date":269,"score":248,"percentile":270},"2026-01-03",0.82771,{"date":272,"score":248,"percentile":273},"2026-01-04",0.82688,{"date":275,"score":248,"percentile":276},"2026-01-05",0.82682,{"date":278,"score":248,"percentile":273},"2026-01-06",{"date":280,"score":281,"percentile":282},"2026-01-07",0.02642,0.85301,{"date":284,"score":281,"percentile":285},"2026-01-08",0.8531,{"date":287,"score":281,"percentile":288},"2026-01-09",0.85312,{"date":290,"score":281,"percentile":291},"2026-01-10",0.85308,{"date":293,"score":281,"percentile":294},"2026-01-11",0.85304,{"date":296,"score":281,"percentile":297},"2026-01-12",0.85297,{"date":299,"score":281,"percentile":300},"2026-01-13",0.85291,{"date":302,"score":281,"percentile":285},"2026-01-14",{"date":304,"score":281,"percentile":291},"2026-01-15",{"date":306,"score":281,"percentile":307},"2026-01-16",0.85314,{"date":309,"score":281,"percentile":310},"2026-01-17",0.85319,{"date":312,"score":281,"percentile":313},"2026-01-18",0.85315,{"date":315,"score":281,"percentile":316},"2026-01-19",0.85311,{"date":318,"score":281,"percentile":307},"2026-01-20",{"date":320,"score":281,"percentile":310},"2026-01-21",{"date":322,"score":281,"percentile":323},"2026-01-22",0.85323,{"date":325,"score":281,"percentile":326},"2026-01-23",0.85335,{"date":328,"score":281,"percentile":329},"2026-01-24",0.85344,{"date":331,"score":281,"percentile":332},"2026-01-25",0.85339,{"date":334,"score":281,"percentile":335},"2026-01-26",0.85337,{"date":337,"score":281,"percentile":338},"2026-01-27",0.85342,{"date":340,"score":281,"percentile":341},"2026-01-28",0.85346,{"date":343,"score":281,"percentile":344},"2026-01-29",0.85349,{"date":346,"score":281,"percentile":344},"2026-01-30",{"date":348,"score":281,"percentile":344},"2026-01-31",{"date":350,"score":281,"percentile":351},"2026-02-01",0.85414,[353,363],{"source":69,"cvss_v2_0":354,"cvss_v3_0":9,"cvss_v3_1":359,"cvss_v4_0":9},{"baseScore":355,"baseSeverity":9,"vectorString":356,"impactScore":357,"exploitabilityScore":358},6.5,"AV:N/AC:L/Au:S/C:P/I:P/A:P",6.4,8,{"baseScore":67,"baseSeverity":360,"vectorString":70,"impactScore":361,"exploitabilityScore":362},"HIGH",9.8,7.2,{"source":76,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":364,"cvss_v4_0":9},{"baseScore":67,"baseSeverity":9,"vectorString":70,"impactScore":361,"exploitabilityScore":362},[366,378],{"ecosystem":9,"name":367,"vendor":368,"product":369,"cpe_part":370,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":371},"Jenkins Pipeline: Multibranch Plugin","jenkins project","jenkins pipeline: multibranch plugin","a",[372],{"version":373,"is_range":374,"range_type":75,"version_start":375,"version_start_type":376,"version_end":377,"version_end_type":376,"fixed_in":9},">= unspecified, \u003C= 706.vd43c65dec013",true,"unspecified","including","706.vd43c65dec013",{"ecosystem":379,"name":380,"vendor":381,"product":382,"cpe_part":9,"purl_type":383,"purl_namespace":381,"purl_name":382,"source":9,"versions":384},"Maven","org.jenkins-ci.plugins.workflow:workflow-multibranch","org.jenkins-ci.plugins.workflow","workflow-multibranch","maven",[385],{"version":386,"is_range":374,"range_type":387,"version_start":9,"version_start_type":9,"version_end":388,"version_end_type":389,"fixed_in":9},"lt707_v71c3f0a_6ccdb","ecosystem","707.v71c3f0a_6ccdb","excluding"]