CVE-2022-25181
First published: Tue Feb 15 2022(Updated: )
A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries Plugin uses the same workspace directory for all checkouts of Pipeline libraries with the same name, regardless of the SCM used and the source of the library configuration. This flaw allows attackers with item/configure permission to execute arbitrary code in the context of the Jenkins controller, JVM, through crafted SCM contents if a global Pipeline library already exists.
Credit: jenkinsci-cert@googlegroups.com jenkinsci-cert@googlegroups.com jenkinsci-cert@googlegroups.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/jenkins | <2-plugins-0:3.11.1650371376-1.el7 | 2-plugins-0:3.11.1650371376-1.el7 |
| redhat/jenkins | <2-plugins-0:4.10.1647505461-1.el8 | 2-plugins-0:4.10.1647505461-1.el8 |
| redhat/jenkins | <2-plugins-0:4.6.1650364520-1.el8 | 2-plugins-0:4.6.1650364520-1.el8 |
| redhat/jenkins | <2-plugins-0:4.7.1648800585-1.el8 | 2-plugins-0:4.7.1648800585-1.el8 |
| redhat/jenkins | <2-plugins-0:4.8.1646993358-1.el8 | 2-plugins-0:4.8.1646993358-1.el8 |
| redhat/jenkins | <2-plugins-0:4.9.1647580879-1.el8 | 2-plugins-0:4.9.1647580879-1.el8 |
| Jenkins Pipeline\ | <=552.vd9cc05b8a2e1 | |
| maven/org.jenkins-ci.plugins.workflow:workflow-cps-global-lib | <=552.vd9cc05b8a2e1 | 561.va_ce0de3c2d69 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://nvd.nist.gov/vuln/detail/CVE-2022-25181
- https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2441
- https://github.com/jenkinsci/workflow-cps-global-lib-plugin/commit/ace0de3c2d691662021ea10306eeb407da6b6365
- https://github.com/advisories/GHSA-7w2w-fwpf-9m4h (Advisory)
- https://www.jenkins.io/security/advisory/2022-02-15/
- https://access.redhat.com/errata/RHSA-2022:1025
- https://access.redhat.com/errata/RHSA-2022:1021
- https://access.redhat.com/security/cve/cve-2022-25181
- https://access.redhat.com/errata/RHSA-2022:1248
- https://access.redhat.com/errata/RHSA-2022:1420
- https://access.redhat.com/errata/RHSA-2022:1620
- https://bugzilla.redhat.com/show_bug.cgi?id=2055797
- https://www.cve.org/CVERecord?id=CVE-2022-25181 https://nvd.nist.gov/vuln/detail/CVE-2022-25181
- https://access.redhat.com/errata/RHSA-2022:0871
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2022-25181?
CVE-2022-25181 has been classified as a medium severity vulnerability.
How do I fix CVE-2022-25181?
To fix CVE-2022-25181, you should upgrade to a version of the Jenkins Pipeline: Shared Groovy Libraries Plugin that is not affected, specifically versions later than 552.vd9cc05b8a2e1.
What applications are affected by CVE-2022-25181?
CVE-2022-25181 affects Jenkins and specifically the Pipeline: Shared Groovy Libraries Plugin.
What type of vulnerability is CVE-2022-25181?
CVE-2022-25181 is a directory traversal vulnerability related to workspace directory usage in Jenkins.
Can attackers exploit CVE-2022-25181 remotely?
CVE-2022-25181 requires attackers to have item/configure permissions, indicating a need for authenticated access.
- collector/redhat-cve
- collector/nvd-index
- collector/nvd-api
- collector/github-advisory-latest
- alias/GHSA-7w2w-fwpf-9m4h
- alias/CVE-2022-25181
- collector/nvd-cve
- collector/github-advisory
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/description
- agent/event
- agent/trending
- agent/tags
- agent/source
- package-manager/redhat
- vendor/jenkins
- canonical/jenkins pipeline\
- version/jenkins pipeline\/552.vd9cc05b8a2e1
- package-manager/maven