Lucene search
Redhat.comRH:CVE-2022-45379HistoryNov 16, 2022 - 2:55 a.m.
CVE-2022-45379
2022-11-1602:55:58
redhat.com
access.redhat.com
24
flaw
jenkins plugin
sha-1
security standard
whole-script approval
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.002
Percentile
52.5%
A flaw was found in the script-security Jenkins Plugin. SHA-1 no longer meets the security standards for producing a cryptographically secure message digest. The affected version of the script-security Plugin stores whole-script approvals as the SHA-1 hash of the approved script.
Related
cvelist
cvelist
CVE-2022-45379
2022-11-15 00:00:00
osv
osv
CVE-2022-45379
2022-11-15 20:15:11
prion
prion
Design/Logic Flaw
2022-11-15 20:15:00
veracode
veracode
Collision Attack
2023-03-07 00:49:51
github
github
cve
cve
CVE-2022-45379
2022-11-15 20:15:11
nvd
nvd
CVE-2022-45379
2022-11-15 20:15:11
alpinelinux
alpinelinux
CVE-2022-45379
2022-11-15 20:15:11
ibm
ibm
nessus
nessus
RHEL 8 : OpenShift Container Platform 4.10.51 (RHSA-2023:0560)
2024-04-28 00:00:00
RHCOS 4 : OpenShift Container Platform 4.10.51 (RHSA-2023:0560)
2024-01-24 00:00:00
Jenkins plugins Multiple Vulnerabilities (2022-11-15)
2023-08-04 00:00:00
redhat
redhat
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.002
Percentile
52.5%
Related for RH:CVE-2022-45379