CVE-2022-45379
Inadequate Encryption Strength in maven/org.jenkins-ci.plugins/script-security
Identifiers
CVE-2022-45379
Package Slug
maven/org.jenkins-ci.plugins/script-security
Vulnerability
Inadequate Encryption Strength
Description
Jenkins Script Security Plugin 1189.vbab_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks.
Affected Versions
All versions before 1190.v65867aa47126
Solution
Upgrade to version 1190.v65867aa47126 or above.
Last Modified
2022-11-21
| source |