2 matches found
br.com.ingenieux.jenkins.plugins:codecommit-url-helper (=0.0.1), com.amcbridge:build-configurator (>=1.0.5.0 <=1.0.6.1) +92 more potentially affected by CVE-2022-30949 via org.jenkins-ci.plugins:git (>=1.2.0 <=4.0.0-rc)
org.jenkins-ci.plugins:git MAVEN version =1.2.0, =1.0.5.0, =1.1.0, =1.9.2-beta, =1.9, =4.0.9, =1.1.0, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.1.0, =1.0.0, =1.0.22, =1.0.57 and more Source cves: CVE-2022-30949 Source advisory: OSV:GHSA-8VFC-FCR2-47PJ...
CVE-2022-30949
CVE-2022-30949 affects the Jenkins REPO Plugin, ≤1.14.0. The vulnerability allows pipelines that are configured to check out SCM repositories to access repositories stored on the Jenkins controller’s file system via local-path SCM URLs, resulting in limited information disclosure about other proj...