vulnerability
Red Hat OpenShift: CVE-2022-45379: jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:C/I:N/A:N) | Nov 15, 2022 | Feb 9, 2023 | Apr 14, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:C/I:N/A:N)
Published
Nov 15, 2022
Added
Feb 9, 2023
Modified
Apr 14, 2025
Description
Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks.
Solution
linuxrpm-upgrade-jenkins-2-plugins
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.