Ecosyste.ms: Advisories
Security Advisories: GSA_kwCzR0hTQS0yOThqLTlxNHctNnJtNM4AAs7u
Agent-to-controller security bypass in Jenkins xUnit Plugin
xUnit Plugin 3.0.8 and earlier implements an agent-to-controller message that creates a user-specified directory if it doesn’t exist, and parses files inside it as test results.
This allows attackers able to control agent processes to create an arbitrary directory on the Jenkins controller or to obtain test results from existing files in an attacker-specified directory.
xUnit Plugin 3.1.0 changes the message type from agent-to-controller to controller-to-agent, preventing execution on the controller.
Permalink: https://github.com/advisories/GHSA-298j-9q4w-6rm4
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS0yOThqLTlxNHctNnJtNM4AAs7u
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: almost 2 years ago
Updated: over 1 year ago
CVSS Score: 6.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Identifiers: GHSA-298j-9q4w-6rm4, CVE-2022-34181
References:
- https://nvd.nist.gov/vuln/detail/CVE-2022-34181
- https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2549
- https://github.com/jenkinsci/xunit-plugin/commit/6976b5da114845a7936ea36d5783a65cd91f9897
- https://github.com/advisories/GHSA-298j-9q4w-6rm4
Blast Radius: 1.0
Affected Packages
maven:org.jenkins-ci.plugins:xunit
Affected Version Ranges: < 3.1.0
Fixed in: 3.1.0