CVE-2022-30947 vulnerability in Jenkins Products
Published on May 17, 2022

Jenkins Git Plugin 4.11.1 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, obtaining limited information about other projects' SCM contents.

NVD

Products Associated with CVE-2022-30947

Want to know whenever a new CVE is published for Jenkins products? stack.watch will email you.

Jenkins Repo

Jenkins Git

Jenkins Mercurial

Affected Versions

Jenkins project Jenkins Git Plugin:

Version unspecified, <= 4.11.1 is affected.
Version 4.9.1 is unaffected.

Exploit Probability

EPSS

1.16%

Percentile

78.66%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-30947 vulnerability in Jenkins ProductsPublished on May 17, 2022

Products Associated with CVE-2022-30947

Affected Versions

Exploit Probability

CVE-2022-30947 vulnerability in Jenkins Products
Published on May 17, 2022