CVE-2022-20613

Source
https://cve.org/CVERecord?id=CVE-2022-20613
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-20613.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-20613
Aliases
Published
2022-01-12T20:15:08.713Z
Modified
2026-07-08T06:00:17.349259681Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

A cross-site request forgery (CSRF) vulnerability in Jenkins Mailer Plugin 391.ve4a38c1bcf4b_ and earlier allows attackers to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.

Database specific
{
    "unresolved_ranges": [
        {
            "cpes": [
                "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:communications_cloud_native_core_automated_test_suite",
            "extracted_events": [
                {
                    "introduced": "1.9.0"
                },
                {
                    "last_affected": "1.9.0"
                }
            ],
            "source": "CPE_STRING"
        }
    ]
}
References

Affected packages

Git / github.com/jenkinsci/mailer-plugin

Affected ranges

Type
GIT
Repo
https://github.com/jenkinsci/mailer-plugin
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Introduced
Last affected
Database specific
{
    "cpe": [
        "cpe:2.3:a:jenkins:mailer:*:*:*:*:*:jenkins:*:*",
        "cpe:2.3:a:jenkins:mailer:391.ve4a_38c1b_cf4b_:-:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.34.2"
        },
        {
            "introduced": "391.ve4a_38c1b_cf4b_-NA"
        },
        {
            "last_affected": "391.ve4a_38c1b_cf4b_-NA"
        }
    ],
    "source": [
        "CPE_RANGE",
        "CPE_STRING"
    ]
}

Affected versions

391.*
391.ve4a_38c1b_cf4b_
391.ve4a_38c1b_cf4b_-NA
mailer-1.*
mailer-1.0
mailer-1.1
mailer-1.10
mailer-1.11
mailer-1.12
mailer-1.12-beta-1
mailer-1.13
mailer-1.14
mailer-1.15
mailer-1.16
mailer-1.17
mailer-1.18
mailer-1.19
mailer-1.2
mailer-1.20
mailer-1.21
mailer-1.22
mailer-1.23
mailer-1.23-beta-1
mailer-1.23-beta-2
mailer-1.24
mailer-1.25
mailer-1.26
mailer-1.27
mailer-1.28
mailer-1.29
mailer-1.3
mailer-1.30
mailer-1.31
mailer-1.32
mailer-1.32.1
mailer-1.33
mailer-1.34
mailer-1.4
mailer-1.5
mailer-1.6
mailer-1.7
mailer-1.8
mailer-1.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-20613.json"