CVE-2022-41238

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-41238

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-41238.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-41238

Aliases

GHSA-9mc6-vgmq-x6xf

Published

2022-09-21T16:15:10Z

Modified

2024-09-03T04:19:26.817174Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A missing permission check in Jenkins DotCi Plugin 2.40.00 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository for attacker-specified commits.

References

https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2867

Affected packages

Git / github.com/groupon/dotci

Affected ranges

Type: GIT
Repo: https://github.com/groupon/dotci
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

73c08a7caee5f09813e894a5ff951e05a6579fa4

Affected versions

2.*

2.5

DotCi-1.*

DotCi-1.0.0

DotCi-1.0.1

DotCi-1.0.2

DotCi-1.0.3

DotCi-1.1.0

DotCi-1.1.1

DotCi-1.2.0

DotCi-1.2.1

DotCi-1.2.2

DotCi-1.3.0

DotCi-1.3.1

DotCi-1.3.2

DotCi-1.3.3

DotCi-1.3.4

DotCi-2.*

DotCi-2.0.0

DotCi-2.1.0

DotCi-2.10.0

DotCi-2.11.0

DotCi-2.11.1

DotCi-2.11.2

DotCi-2.12.0

DotCi-2.12.1

DotCi-2.12.2

DotCi-2.12.3

DotCi-2.13.0

DotCi-2.13.1

DotCi-2.14.0

DotCi-2.14.1

DotCi-2.14.2

DotCi-2.14.3

DotCi-2.14.4

DotCi-2.14.5

DotCi-2.15.0

DotCi-2.15.1

DotCi-2.16.0

DotCi-2.16.1

DotCi-2.17.0

DotCi-2.18.0

DotCi-2.19.0

DotCi-2.19.1

DotCi-2.19.3

DotCi-2.19.5

DotCi-2.2

DotCi-2.20.0

DotCi-2.20.1

DotCi-2.21.0

DotCi-2.22.0

DotCi-2.22.1

DotCi-2.22.26.0

DotCi-2.23.0

DotCi-2.24.0

DotCi-2.24.1

DotCi-2.24.2

DotCi-2.24.3

DotCi-2.25.0

DotCi-2.25.1

DotCi-2.26.0

DotCi-2.27.0

DotCi-2.27.3

DotCi-2.28.0

DotCi-2.28.1

DotCi-2.3

DotCi-2.30.0

DotCi-2.30.2

DotCi-2.30.3

DotCi-2.30.4

DotCi-2.30.7

DotCi-2.31.0

DotCi-2.32.0

DotCi-2.32.1

DotCi-2.33.0

DotCi-2.34.0

DotCi-2.35.0

DotCi-2.36.0

DotCi-2.36.1

DotCi-2.36.2

DotCi-2.37.0

DotCi-2.38.0

DotCi-2.38.1

DotCi-2.38.10

DotCi-2.38.11

DotCi-2.38.2

DotCi-2.38.3

DotCi-2.38.4

DotCi-2.38.5

DotCi-2.38.6

DotCi-2.38.7

DotCi-2.38.8

DotCi-2.38.9

DotCi-2.39.0

DotCi-2.39.1

DotCi-2.39.10

DotCi-2.39.2

DotCi-2.39.3

DotCi-2.39.4

DotCi-2.39.5

DotCi-2.39.6

DotCi-2.39.7

DotCi-2.39.8

DotCi-2.39.9

DotCi-2.40.00

DotCi-2.5

DotCi-2.6.0

DotCi-2.6.1

DotCi-2.6.2

DotCi-2.6.3

DotCi-2.6.4

DotCi-2.6.5

DotCi-2.6.6

DotCi-2.6.7

DotCi-2.6.8

DotCi-2.6.9

DotCi-2.7.0

DotCi-2.7.1

DotCi-2.7.2

DotCi-2.7.3

DotCi-2.7.4

DotCi-2.7.5

DotCi-2.7.6

DotCi-2.7.7

DotCi-2.7.8

DotCi-2.8.0

DotCi-2.8.1

DotCi-2.8.2

DotCi-2.8.3

DotCi-2.8.4

DotCi-2.8.5

DotCi-2.8.6

DotCi-2.8.7

DotCi-2.8.8

DotCi-2.8.9

DotCi-2.9.0

DotCi-2.9.1

DotCi-2.9.2

Other

meow