CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Jenkins Security Advisory 2022-04-12

unknownCVE-2022-29036CVE-2022-29037CVE-2022-29038CVE-2022-29039CVE-2022-29040CVE-2022-29041
Affects plugin: Credentials Affects plugin: CVS Affects plugin: Extended Choice Parameter Affects plugin: Gerrit Trigger Affects plugin: Git Parameter Affects plugin: Google Compute Engine Affects plugin: Jira Affects plugin: Job Generator Affects plugin: Mask Passwords Affects plugin: Node and Label parameter Affects plugin: Pipeline: Deprecated Groovy Libraries Affects plugin: promoted builds Affects plugin: Publish Over FTP Affects plugin: Subversion

Details

Source
Jenkins Security Advisories (INTL · vendor-psirt · site)
Severity
unknown
Published
2022-04-12
Exploitation
Not in CISA KEV at last sync

Original advisory: https://www.jenkins.io/security/advisory/2022-04-12/

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2022-29036coverage & exploitation statusNVD · CVE.org
CVE-2022-29037coverage & exploitation statusNVD · CVE.org
CVE-2022-29038coverage & exploitation statusNVD · CVE.org
CVE-2022-29039coverage & exploitation statusNVD · CVE.org
CVE-2022-29040coverage & exploitation statusNVD · CVE.org
CVE-2022-29041coverage & exploitation statusNVD · CVE.org
CVE-2022-29042coverage & exploitation statusNVD · CVE.org
CVE-2022-29043coverage & exploitation statusNVD · CVE.org
CVE-2022-29044coverage & exploitation statusNVD · CVE.org
CVE-2022-29045coverage & exploitation statusNVD · CVE.org
CVE-2022-29046coverage & exploitation statusNVD · CVE.org
CVE-2017-2601coverage & exploitation statusNVD · CVE.org
CVE-2022-29047coverage & exploitation statusNVD · CVE.org
CVE-2022-29048coverage & exploitation statusNVD · CVE.org
CVE-2022-29049coverage & exploitation statusNVD · CVE.org
CVE-2022-29050coverage & exploitation statusNVD · CVE.org
CVE-2022-29051coverage & exploitation statusNVD · CVE.org
CVE-2022-29052coverage & exploitation statusNVD · CVE.org

Same CVEs, other sources

How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.

More from Jenkins Security Advisories