CVE-2022-30945
published 2022-05-17CVE-2022-30945: Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in…
high8.5CVSS 3.1
AVNACHPRLUINSCCHIHAH
Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | application_detector_plugin | — | — |
| jenkins | autocomplete_parameter_plugin | — | — |
| jenkins | blue_ocean_plugin | — | — |
| jenkins | git_plugin | — | — |
| jenkins | gitlab_plugin | — | — |
| jenkins | global_variable_string_parameter_plugin | — | — |
| jenkins | groovy_plugin | — | — |
| jenkins | http_requests_in_script_security_plugin | — | — |
| jenkins | jdk_parameter_plugin | — | — |
| jenkins | jenkins_core | — | — |
| jenkins | mercurial_plugin | — | — |
| jenkins | multiselect_parameter_plugin | — | — |
| jenkins | pipeline | < 2689.v434009a_31b_f1 | 2689.v434009a_31b_f1 |
| jenkins | random_string_parameter_plugin | — | — |
| jenkins | repo_plugin | — | — |
| jenkins | rundeck_plugin | — | — |
| jenkins | script_security_plugin | — | — |
| jenkins | selection_tasks_plugin | — | — |
| jenkins | ssh_plugin | — | — |
| jenkins | storable_configs_plugin | — | — |
| jenkins | while_credentials_plugin | — | — |
| jenkins_project | jenkins_pipeline_groovy_plugin | unspecified – 2689.v434009a_31b_f1 | — |