Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1qbXhyLXcyamMtcXA3d806pg
Promotion names in Jenkins promoted builds Plugin are not validated when using Job DSL
Jenkins promoted builds Plugin provides dedicated support for defining promotions using Job DSL Plugin.
promoted builds Plugin 873.v6149db_d64130 and earlier does not validate the names of promotions defined in Job DSL. This allows attackers with Job/Configure permission to create a promotion with an unsafe name. As a result, the promotion name could be used for cross-site scripting (XSS) or to replace other config.xml files.
promoted builds Plugin 876.v99d29788b_36b_ and 3.10.1 validates the name of promotions.
Permalink: https://github.com/advisories/GHSA-jmxr-w2jc-qp7wJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1qbXhyLXcyamMtcXA3d806pg
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: about 2 years ago
Updated: 10 months ago
CVSS Score: 8.0
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Identifiers: GHSA-jmxr-w2jc-qp7w, CVE-2022-29049
References:
- https://nvd.nist.gov/vuln/detail/CVE-2022-29049
- https://www.jenkins.io/security/advisory/2022-04-12/#SECURITY-2655
- https://github.com/jenkinsci/promoted-builds-plugin/commit/d6fd95688ae2052bf9ac7158bc2579c755167fe0
- https://github.com/advisories/GHSA-jmxr-w2jc-qp7w
Blast Radius: 1.0
Affected Packages
maven:org.jenkins-ci.plugins:promoted-builds
Affected Version Ranges: >= 3.11, < 876.v99d29788b, < 3.10.1Fixed in: 876.v99d29788b, 3.10.1