Jenkins Pipeline:shared Groovy Libraries — known CVE vulnerabilities
Every CVE whose affected-product data names Jenkins Pipeline:shared Groovy Libraries, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2022-25181 — CVSS 8.8 (high): A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with…
CVE-2022-25182 — CVSS 8.8 (high): A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with…
CVE-2022-25174 — CVSS 8.8 (high): Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the same checkout directories for distinct SCMs for…
CVE-2022-25183 — CVSS 8.8 (high): Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the names of Pipeline libraries to create cache…
CVE-2022-25178 — CVSS 6.5 (medium): Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier does not restrict the names of resources passed to the…
CVE-2022-25177 — CVSS 6.5 (medium): Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier follows symbolic links to locations outside of the expected…
CVE-2019-10357 — CVSS 4.3 (medium): A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and earlier allowed users with Overall/Read access to…