[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-30946":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":36,"aliases":37,"duplicate_of":9,"upstream":39,"downstream":40,"duplicates":47,"related":48,"reserved_at":9,"published_at":49,"modified_at":50,"state":51,"summary":52,"references_raw":61,"kevs":92,"epss":93,"epss_history":96,"metrics":364,"affected":376},"CVE-2022-30946","A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-352","Cross-Site Request Forgery (CSRF)","The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.","weakness","Stable","Compound","Medium",[20,24,28,32],{"id":21,"name":22,"techniques":23},"CAPEC-111","JSON Hijacking (aka JavaScript Hijacking)",[],{"id":25,"name":26,"techniques":27},"CAPEC-462","Cross-Domain Search Timing",[],{"id":29,"name":30,"techniques":31},"CAPEC-467","Cross Site Identification",[],{"id":33,"name":34,"techniques":35},"CAPEC-62","Cross Site Request Forgery",[],[],[38],"GHSA-qwgx-mrv5-87j8",[],[41,43,45],{"_key":42},"RHSA-2023:0017",{"_key":44},"RHSA-2023:0560",{"_key":46},"RHSA-2023:0777",[],[],"2022-05-17T14:05:52.000Z","2024-08-03T07:03:39.447Z","Modified",{"cisa_kev":53,"cisa_ransomware":53,"cisa_vendor":9,"epss_severity":54,"epss_score":55,"severity":56,"severity_score":57,"severity_version":58,"severity_source":59,"severity_vector":60,"severity_status":51},false,"low",0.00104,"medium",4.3,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",[62,71,78,83,87],{"url":63,"sources":64,"tags":67},"https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116",[65,59,66],"cve.org","osv_maven",[68,69,70],"X Refsource CONFIRM","Vendor Advisory","WEB",{"url":72,"sources":73,"tags":74},"http://www.openwall.com/lists/oss-security/2022/05/17/8",[65,59,66],[75,76,77,70],"Mailing List","X Refsource MLIST","Third Party Advisory",{"url":79,"sources":80,"tags":81},"https://nvd.nist.gov/vuln/detail/CVE-2022-30946",[66],[82],"Advisory",{"url":84,"sources":85,"tags":86},"https://github.com/jenkinsci/script-security-plugin/commit/35f6a0b8207ed3a32a85f27c1312da6cd738eeaa",[66],[70],{"url":88,"sources":89,"tags":90},"https://github.com/jenkinsci/script-security-plugin",[66],[91],"PACKAGE",[],{"date":94,"score":55,"percentile":95},"2026-06-04",0.27871,[97,101,104,107,110,113,116,119,122,125,128,131,134,137,140,144,147,150,153,156,159,162,165,167,170,173,176,179,182,185,188,191,194,197,199,201,204,207,210,213,216,219,222,225,228,231,234,237,240,243,246,249,252,255,258,261,264,267,270,273,276,279,282,285,288,291,294,297,300,303,306,309,312,315,318,321,324,326,329,332,335,338,341,344,347,350,353,356,359,361],{"date":98,"score":99,"percentile":100},"2025-11-04",0.0005,0.15339,{"date":102,"score":99,"percentile":103},"2025-11-05",0.15368,{"date":105,"score":99,"percentile":106},"2025-11-06",0.15463,{"date":108,"score":99,"percentile":109},"2025-11-07",0.15488,{"date":111,"score":99,"percentile":112},"2025-11-08",0.15496,{"date":114,"score":99,"percentile":115},"2025-11-09",0.1547,{"date":117,"score":99,"percentile":118},"2025-11-10",0.15428,{"date":120,"score":99,"percentile":121},"2025-11-11",0.15454,{"date":123,"score":99,"percentile":124},"2025-11-12",0.15498,{"date":126,"score":99,"percentile":127},"2025-11-13",0.15524,{"date":129,"score":99,"percentile":130},"2025-11-14",0.15521,{"date":132,"score":99,"percentile":133},"2025-11-15",0.15476,{"date":135,"score":99,"percentile":136},"2025-11-16",0.15449,{"date":138,"score":99,"percentile":139},"2025-11-17",0.15404,{"date":141,"score":142,"percentile":143},"2025-11-18",0.00087,0.21074,{"date":145,"score":142,"percentile":146},"2025-11-19",0.21083,{"date":148,"score":142,"percentile":149},"2025-11-20",0.21055,{"date":151,"score":99,"percentile":152},"2025-11-21",0.15433,{"date":154,"score":99,"percentile":155},"2025-11-22",0.15437,{"date":157,"score":99,"percentile":158},"2025-11-23",0.15426,{"date":160,"score":99,"percentile":161},"2025-11-24",0.15387,{"date":163,"score":99,"percentile":164},"2025-11-25",0.1538,{"date":166,"score":99,"percentile":103},"2025-11-26",{"date":168,"score":99,"percentile":169},"2025-11-27",0.15376,{"date":171,"score":99,"percentile":172},"2025-11-28",0.15355,{"date":174,"score":99,"percentile":175},"2025-11-29",0.15333,{"date":177,"score":99,"percentile":178},"2025-11-30",0.15344,{"date":180,"score":99,"percentile":181},"2025-12-01",0.15383,{"date":183,"score":99,"percentile":184},"2025-12-02",0.15395,{"date":186,"score":99,"percentile":187},"2025-12-03",0.15423,{"date":189,"score":99,"percentile":190},"2025-12-04",0.15381,{"date":192,"score":99,"percentile":193},"2025-12-05",0.15453,{"date":195,"score":99,"percentile":196},"2025-12-06",0.15467,{"date":198,"score":99,"percentile":136},"2025-12-07",{"date":200,"score":99,"percentile":106},"2025-12-08",{"date":202,"score":99,"percentile":203},"2025-12-09",0.15518,{"date":205,"score":99,"percentile":206},"2025-12-10",0.15582,{"date":208,"score":99,"percentile":209},"2025-12-11",0.15622,{"date":211,"score":99,"percentile":212},"2025-12-12",0.15675,{"date":214,"score":99,"percentile":215},"2025-12-13",0.15683,{"date":217,"score":99,"percentile":218},"2025-12-14",0.15647,{"date":220,"score":99,"percentile":221},"2025-12-15",0.15614,{"date":223,"score":99,"percentile":224},"2025-12-16",0.15633,{"date":226,"score":99,"percentile":227},"2025-12-17",0.15723,{"date":229,"score":99,"percentile":230},"2025-12-18",0.15778,{"date":232,"score":99,"percentile":233},"2025-12-19",0.15826,{"date":235,"score":99,"percentile":236},"2025-12-20",0.15802,{"date":238,"score":99,"percentile":239},"2025-12-21",0.1577,{"date":241,"score":99,"percentile":242},"2025-12-22",0.15713,{"date":244,"score":99,"percentile":245},"2025-12-23",0.15698,{"date":247,"score":99,"percentile":248},"2025-12-24",0.15707,{"date":250,"score":99,"percentile":251},"2025-12-25",0.15784,{"date":253,"score":99,"percentile":254},"2025-12-26",0.15776,{"date":256,"score":99,"percentile":257},"2025-12-27",0.15788,{"date":259,"score":99,"percentile":260},"2025-12-28",0.15741,{"date":262,"score":99,"percentile":263},"2025-12-29",0.15709,{"date":265,"score":99,"percentile":266},"2025-12-30",0.15722,{"date":268,"score":99,"percentile":269},"2025-12-31",0.1579,{"date":271,"score":99,"percentile":272},"2026-01-01",0.15891,{"date":274,"score":99,"percentile":275},"2026-01-02",0.15882,{"date":277,"score":99,"percentile":278},"2026-01-03",0.15862,{"date":280,"score":99,"percentile":281},"2026-01-04",0.15767,{"date":283,"score":99,"percentile":284},"2026-01-05",0.15724,{"date":286,"score":99,"percentile":287},"2026-01-06",0.15734,{"date":289,"score":99,"percentile":290},"2026-01-07",0.15777,{"date":292,"score":99,"percentile":293},"2026-01-08",0.15836,{"date":295,"score":99,"percentile":296},"2026-01-09",0.15847,{"date":298,"score":99,"percentile":299},"2026-01-10",0.15856,{"date":301,"score":99,"percentile":302},"2026-01-11",0.1581,{"date":304,"score":99,"percentile":305},"2026-01-12",0.15771,{"date":307,"score":99,"percentile":308},"2026-01-13",0.1576,{"date":310,"score":99,"percentile":311},"2026-01-14",0.15819,{"date":313,"score":99,"percentile":314},"2026-01-15",0.15818,{"date":316,"score":99,"percentile":317},"2026-01-16",0.15828,{"date":319,"score":99,"percentile":320},"2026-01-17",0.15848,{"date":322,"score":99,"percentile":323},"2026-01-18",0.15789,{"date":325,"score":99,"percentile":266},"2026-01-19",{"date":327,"score":99,"percentile":328},"2026-01-20",0.157,{"date":330,"score":99,"percentile":331},"2026-01-21",0.15688,{"date":333,"score":99,"percentile":334},"2026-01-22",0.1562,{"date":336,"score":99,"percentile":337},"2026-01-23",0.15702,{"date":339,"score":99,"percentile":340},"2026-01-24",0.15737,{"date":342,"score":99,"percentile":343},"2026-01-25",0.15669,{"date":345,"score":99,"percentile":346},"2026-01-26",0.15589,{"date":348,"score":99,"percentile":349},"2026-01-27",0.15584,{"date":351,"score":99,"percentile":352},"2026-01-28",0.15595,{"date":354,"score":99,"percentile":355},"2026-01-29",0.15578,{"date":357,"score":99,"percentile":358},"2026-01-30",0.15565,{"date":360,"score":99,"percentile":349},"2026-01-31",{"date":362,"score":99,"percentile":363},"2026-02-01",0.15562,[365,374],{"source":59,"cvss_v2_0":366,"cvss_v3_0":9,"cvss_v3_1":370,"cvss_v4_0":9},{"baseScore":57,"baseSeverity":9,"vectorString":367,"impactScore":368,"exploitabilityScore":369},"AV:N/AC:M/Au:N/C:N/I:P/A:N",2.9,8.6,{"baseScore":57,"baseSeverity":371,"vectorString":60,"impactScore":372,"exploitabilityScore":373},"MEDIUM",2.3,7.2,{"source":66,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":375,"cvss_v4_0":9},{"baseScore":57,"baseSeverity":9,"vectorString":60,"impactScore":372,"exploitabilityScore":373},[377,389,399],{"ecosystem":9,"name":378,"vendor":379,"product":380,"cpe_part":381,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":382},"Jenkins Script Security Plugin","jenkins project","jenkins script security plugin","a",[383],{"version":384,"is_range":385,"range_type":65,"version_start":386,"version_start_type":387,"version_end":388,"version_end_type":387,"fixed_in":9},">= unspecified, \u003C= 1158.v7c1b_73a_69a_08",true,"unspecified","including","1158.v7c1b_73a_69a_08",{"ecosystem":9,"name":390,"vendor":391,"product":392,"cpe_part":381,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":393},"script security","jenkins","script_security",[394],{"version":395,"is_range":385,"range_type":396,"version_start":9,"version_start_type":9,"version_end":397,"version_end_type":398,"fixed_in":9},"lt1172.v35f6a_0b_8207e","cpe","1172.v35f6a_0b_8207e","excluding",{"ecosystem":400,"name":401,"vendor":402,"product":403,"cpe_part":9,"purl_type":404,"purl_namespace":402,"purl_name":403,"source":9,"versions":405},"Maven","org.jenkins-ci.plugins:script-security","org.jenkins-ci.plugins","script-security","maven",[406],{"version":407,"is_range":385,"range_type":408,"version_start":9,"version_start_type":9,"version_end":409,"version_end_type":398,"fixed_in":9},"lt1172_v35f6a","ecosystem","1172.v35f6a"]