CVE-2022-23118

Improper Privilege Management in maven/ru.yandex.jenkins.plugins.debuilder/debian-package-builder

Identifiers

CVE-2022-23118

Package Slug

maven/ru.yandex.jenkins.plugins.debuilder/debian-package-builder

Vulnerability

Improper Privilege Management

Description

Jenkins Debian Package Builder Plugin implements functionality that allows agents to invoke command-line git at an attacker-specified path on the controller, allowing attackers able to control agent processes to invoke arbitrary OS commands on the controller.

Affected Versions

All versions up to 1.6.11

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-01-21

source