CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Jenkins Security Advisory 2022-10-19

unknownCVE-2022-43401CVE-2022-43404CVE-2022-43402CVE-2022-43403CVE-2022-43405CVE-2022-43406
Affects plugin: BMC AMI DevX Code Debug Code Coverage Affects plugin: BMC AMI DevX Source Code Download for Endevor, PDS, and Code Pipeline Affects plugin: BMC AMI DevX Total Test Affects plugin: BMC AMI Strobe Measurement Task Affects plugin: Compuware Topaz Utilities Affects plugin: Contrast Continuous Application Security Affects plugin: Custom Checkbox Parameter Affects plugin: 360 FireLine Affects plugin: Generic Webhook Trigger Affects plugin: GitLab Affects plugin: Job Import Affects plugin: Katalon Affects plugin: Mercurial Affects plugin: NeuVector Vulnerability Scanner Affects plugin: NUnit Affects plugin: Pipeline: Deprecated Groovy Libraries Affects plugin: Pipeline: Groovy Affects plugin: Pipeline: Groovy Libraries Affects plugin: Pipeline: Input Step Affects plugin: Pipeline: Stage View Affects plugin: Pipeline: Supporting APIs Affects plugin: REPO Affects plugin: S3 Explorer Affects plugin: ScreenRecorder Affects plugin: Script Security Affects plugin: Tuleap Git Branch Source Affects plugin: XFramium Builder

Details

Source
Jenkins Security Advisories (INTL · vendor-psirt · site)
Severity
unknown
Published
2022-10-19
Exploitation
Not in CISA KEV at last sync

Original advisory: https://www.jenkins.io/security/advisory/2022-10-19/

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2022-43401coverage & exploitation statusNVD · CVE.org
CVE-2022-43404coverage & exploitation statusNVD · CVE.org
CVE-2022-43402coverage & exploitation statusNVD · CVE.org
CVE-2022-43403coverage & exploitation statusNVD · CVE.org
CVE-2022-43405coverage & exploitation statusNVD · CVE.org
CVE-2022-43406coverage & exploitation statusNVD · CVE.org
CVE-2022-43407coverage & exploitation statusNVD · CVE.org
CVE-2022-43408coverage & exploitation statusNVD · CVE.org
CVE-2022-43409coverage & exploitation statusNVD · CVE.org
CVE-2022-43410coverage & exploitation statusNVD · CVE.org
CVE-2022-43411coverage & exploitation statusNVD · CVE.org
CVE-2022-43412coverage & exploitation statusNVD · CVE.org
CVE-2022-43413coverage & exploitation statusNVD · CVE.org
CVE-2022-43414coverage & exploitation statusNVD · CVE.org
CVE-2022-43415coverage & exploitation statusNVD · CVE.org
CVE-2022-43416coverage & exploitation statusNVD · CVE.org
CVE-2022-43417coverage & exploitation statusNVD · CVE.org
CVE-2022-43418coverage & exploitation statusNVD · CVE.org
CVE-2022-43419coverage & exploitation statusNVD · CVE.org
CVE-2022-43420coverage & exploitation statusNVD · CVE.org
CVE-2022-43421coverage & exploitation statusNVD · CVE.org
CVE-2022-43422coverage & exploitation statusNVD · CVE.org
CVE-2022-43423coverage & exploitation statusNVD · CVE.org
CVE-2022-43424coverage & exploitation statusNVD · CVE.org
CVE-2022-43425coverage & exploitation statusNVD · CVE.org
CVE-2017-2601coverage & exploitation statusNVD · CVE.org
CVE-2022-43426coverage & exploitation statusNVD · CVE.org
CVE-2022-43427coverage & exploitation statusNVD · CVE.org
CVE-2022-43428coverage & exploitation statusNVD · CVE.org
CVE-2022-43429coverage & exploitation statusNVD · CVE.org
CVE-2022-43430coverage & exploitation statusNVD · CVE.org
CVE-2022-43431coverage & exploitation statusNVD · CVE.org
CVE-2022-43432coverage & exploitation statusNVD · CVE.org
CVE-2022-43433coverage & exploitation statusNVD · CVE.org
CVE-2022-43434coverage & exploitation statusNVD · CVE.org
CVE-2022-43435coverage & exploitation statusNVD · CVE.org

Same CVEs, other sources

How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.

More from Jenkins Security Advisories