Lucene search
China National Vulnerability DatabaseCNVD-2022-76705HistoryNov 14, 2022 - 12:00 a.m.
Jenkins Pipeline SCM API for Blue Ocean Plugin Unauthorized Access Vulnerability
2022-11-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
jenkins
pipeline
scm
api
blue ocean plugin
vulnerability
unauthorized access
sensitive information
0.001 Low
EPSS
Percentile
28.5%
The Blue Ocean Plugin is an aggregation tool designed for Jenkins Pipeline, and is of course compatible with free-style projects. It graphically illustrates the flow of the pipeline, making it more intuitive. Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and prior versions are vulnerable to unauthorized access, and an attacker with certain privileges could exploit the vulnerability to obtain sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins blue ocean | le | 1.25.3 |
Related
redhatcve
redhatcve
CVE-2022-30952
2022-08-19 04:38:43
osv
osv
CVE-2022-30952
2022-05-17 15:15:09
cvelist
cvelist
CVE-2022-30952
2022-05-17 00:00:00
prion
prion
Code injection
2022-05-17 15:15:00
nvd
nvd
CVE-2022-30952
2022-05-17 15:15:09
veracode
veracode
Information Disclosure
2023-03-07 00:48:36
cve
cve
CVE-2022-30952
2022-05-17 15:15:09
github
github
nessus
nessus
RHEL 8 : OpenShift Container Platform 4.8.56 (RHSA-2023:0017)
2024-04-28 00:00:00
RHCOS 4 : OpenShift Container Platform 4.8.56 (RHSA-2023:0017)
2024-01-24 00:00:00
redhat
redhat