Lucene search
HistoryOct 19, 2022 - 4:15 p.m.
CVE-2022-43410
jenkins
mercurial
plugin
webhook
information disclosure
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
33.5%
Jenkins Mercurial Plugin 1251.va_b_121f184902 and earlier provides information about which jobs were triggered or scheduled for polling through its webhook endpoint, including jobs the user has no permission to access.
Affected configurations
Node
jenkinsmercurialRange≤1251.va_b_121f184902jenkins
Related
osv
osv
Webhook endpoint discloses job names to unauthorized users in Jenkins Mercurial Plugin
2022-10-19 19:00:18
CVE-2022-43410
2022-10-19 16:15:10
veracode
veracode
Information Disclosure
2023-03-24 00:52:33
prion
prion
Design/Logic Flaw
2022-10-19 16:15:00
cve
cve
CVE-2022-43410
2022-10-19 16:15:10
alpinelinux
alpinelinux
CVE-2022-43410
2022-10-19 16:15:10
github
github
redhatcve
redhatcve
CVE-2022-43410
2022-10-20 05:47:14
cbl_mariner
cbl_mariner
CVE-2022-43410 affecting package mercurial 6.0.3-2
2024-07-08 03:08:43
CVE-2022-43410 affecting package mercurial 5.4-2
2024-07-08 03:08:39
cvelist
cvelist
CVE-2022-43410
2022-10-19 00:00:00
redhat
redhat
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2022-10-19)
2023-03-03 00:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
33.5%
Related for NVD:CVE-2022-43410