Lucene search
Redhat.comRH:CVE-2022-25176HistoryFeb 17, 2022 - 4:38 p.m.
CVE-2022-25176
2022-02-1716:38:20
redhat.com
access.redhat.com
24
0.001 Low
EPSS
Percentile
27.9%
A flaw was found in Jenkins. The Pipeline: Groovy Plugin follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines. This flaw allows attackers who can configure Pipelines to read arbitrary files on the Jenkins controller file system.
Related
prion
prion
Design/Logic Flaw
2022-02-15 17:15:00
osv
osv
cvelist
cvelist
CVE-2022-25176
2022-02-15 16:10:55
cve
cve
CVE-2022-25176
2022-02-15 17:15:00
alpinelinux
alpinelinux
CVE-2022-25176
2022-02-15 17:15:00
veracode
veracode
Privilege Escalation
2022-04-21 00:42:40
github
github
nessus
nessus
RHEL 8 : OpenShift Container Platform 4.10.6 (RHSA-2022:1025)
2022-03-29 00:00:00
RHEL 8 : OpenShift Container Platform 4.7.48 (RHSA-2022:1248)
2022-04-13 00:00:00
RHEL 7 / 8 : OpenShift Container Platform 4.6.57 (RHSA-2022:1620)
2022-05-04 00:00:00
redhat
redhat