CVE-2022-25178

Aliases:GHSA-5hfv-mg5x-mv32
Advisory lineage Upstream: 0 Downstream: 6
Modified
Published: 15 Feb 2022, 16:10
Last modified:03 Aug 2024, 04:36

Vulnerability Summary

Overall Risk (default)
medium
26/100
CVSS Score
6.5 MEDIUM
v3.1 (nvd)
EPSS Score
0.3% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

15 Feb 2022, 16:10
Published
Vulnerability first disclosed
03 Aug 2024, 04:36
Last Modified
Vulnerability information updated

Description

Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier does not restrict the names of resources passed to the libraryResource step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system.

CVSS Metrics

  • v3.1MEDIUMScore: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • v2.0MEDIUMScore: 4AV:N/AC:L/Au:S/C:P/I:N/A:N

EPSS Trends

Current EPSS score: 0.30% Percentile: 53%

Techniques & Countermeasures

  • CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

    The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Affected Systems

  • jenkins projectjenkins pipeline: shared groovy libraries plugin

    ≥ unspecified, ≤ 552.vd9cc05b8a2e1

  • org.jenkins-ci.plugins.workflowworkflow-cps-global-lib

    ≥ 2.22, < 561.va_ce0de3c2d69 | ≥ 2.19, < 2.21.1 | < 2.18.1

References (3)