CVE-2022-43410

🗓️ 19 Oct 2022 00:00:00Reported by jenkinsType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 240 Views

Jenkins Mercurial Plugin 1251.va_b_121f184902 and earlier provides information about which jobs were triggered or scheduled for polling through its webhook endpoint, including jobs the user has no permission to access

Reporter	Title	Published	Views	Family All 20
AlpineLinux	CVE-2022-43410	19 Oct 202200:00	–	alpinelinux
CBLMariner	CVE-2022-43410 affecting package mercurial 6.0.3-2	12 Jan 202509:15	–	cbl_mariner
CBLMariner	CVE-2022-43410 affecting package mercurial 5.4-2	12 Jan 202509:15	–	cbl_mariner
CNNVD	Jenkins Plugin Mercurial 安全漏洞	19 Oct 202200:00	–	cnnvd
Cvelist	CVE-2022-43410	19 Oct 202200:00	–	cvelist
EUVD	EUVD-2022-7114	3 Oct 202520:07	–	euvd
Github Security Blog	Webhook endpoint discloses job names to unauthorized users in Jenkins Mercurial Plugin	19 Oct 202219:00	–	github
Tenable Nessus	Jenkins plugins Multiple Vulnerabilities (2022-10-19)	3 Mar 202300:00	–	nessus
Tenable Nessus	RHEL 8 : OpenShift Developer Tools and Services for OCP 4.12 (RHSA-2023:1064)	28 Apr 202400:00	–	nessus
Microsoft CVE	Jenkins Mercurial Plugin 1251.va_b_121f184902 and earlier provides information about which jobs were triggered or scheduled for polling through its webhook endpoint, including jobs the user has no permission to access.	2 Oct 202506:11	–	mscve

NVD

Node

jenkins mercurialRange≤1251.va_b_121f184902jenkins

[
  {
    "product": "Jenkins Mercurial Plugin",
    "vendor": "Jenkins project",
    "versions": [
      {
        "lessThanOrEqual": "1251.va_b_121f184902",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]