CVE-2022-25914
- Source
- https://cve.org/CVERecord?id=CVE-2022-25914
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-25914.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-25914
- Aliases
- Published
- 2022-09-08T05:15:07.497Z
- Modified
- 2026-04-11T22:01:40.060863Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The package com.google.cloud.tools:jib-core before 0.22.0 are vulnerable to Remote Code Execution (RCE) via the isDockerInstalled function, due to attempting to execute input.
- References
Affected packages
Git / github.com/googlecontainertools/jib
Database specific
vanir_signatures_modified
"2026-04-11T22:01:40Z"
vanir_signatures
[
{
"id": "CVE-2022-25914-120a627a",
"target": {
"file": "jib-core/src/main/java/com/google/cloud/tools/jib/docker/CliDockerClient.java",
"function": "isDefaultDockerInstalled"
},
"deprecated": false,
"digest": {
"function_hash": "188023400010800804454792360816463358067",
"length": 66.0
},
"signature_type": "Function",
"source": "https://github.com/googlecontainertools/jib/commit/67fa40bc2c484da0546333914ea07a89fe44eaaf",
"signature_version": "v1"
},
{
"id": "CVE-2022-25914-67b72013",
"target": {
"file": "jib-core/src/main/java/com/google/cloud/tools/jib/docker/CliDockerClient.java"
},
"deprecated": false,
"digest": {
"line_hashes": [
"90012441611536306745375858598407629414",
"337930395447615797428027332141653835449",
"92505504910727629167831959198580950413",
"34198078719907756724331818517486489460",
"19824461718912398881872573075279423939",
"121724100989068866062873641993856529141",
"308379702546440621571614948432062820322",
"277936410134013581068514725455049029736",
"88627993096655256743244117259665043851",
"17565565184503583813946114528171289960",
"51144568367782954580834895328295827283",
"263940968436123019075801079013164884422",
"43255123356282200350613598415813472936"
],
"threshold": 0.9
},
"signature_type": "Line",
"source": "https://github.com/googlecontainertools/jib/commit/67fa40bc2c484da0546333914ea07a89fe44eaaf",
"signature_version": "v1"
},
{
"id": "CVE-2022-25914-da9dae83",
"target": {
"file": "jib-core/src/test/java/com/google/cloud/tools/jib/docker/CliDockerClientTest.java"
},
"deprecated": false,
"digest": {
"line_hashes": [
"319770219669167263223143083474000243652",
"58561243082290470065226373035835375312",
"253066469859778485980947099206490657622",
"88796707359779959000080454536609660478",
"250169726291676915519636122500213826560",
"172557102128809386266827450075305921969",
"176835611882921289556796122807051352486",
"210802633310902479453725895857767847616",
"79865048151952943921614231240181809083",
"214122916347948305763925877154186603957",
"95657977750370807453403563652177856247",
"303285954741330971124135210226939492983"
],
"threshold": 0.9
},
"signature_type": "Line",
"source": "https://github.com/googlecontainertools/jib/commit/67fa40bc2c484da0546333914ea07a89fe44eaaf",
"signature_version": "v1"
},
{
"id": "CVE-2022-25914-dc0717e7",
"target": {
"file": "jib-core/src/main/java/com/google/cloud/tools/jib/docker/CliDockerClient.java",
"function": "isDockerInstalled"
},
"deprecated": false,
"digest": {
"function_hash": "16126682970378420054364998922015783091",
"length": 155.0
},
"signature_type": "Function",
"source": "https://github.com/googlecontainertools/jib/commit/67fa40bc2c484da0546333914ea07a89fe44eaaf",
"signature_version": "v1"
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-25914.json"