Jenkins Script Security Plugin SHA-1 Collision Vulnerability
CVE-2022-45379 Published on November 15, 2022

Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks.

NVD

Products Associated with CVE-2022-45379

Want to know whenever a new CVE is published for Jenkins Script Security? stack.watch will email you.

Jenkins Script Security

Affected Versions

Jenkins project Jenkins Script Security Plugin:

Version unspecified, <= 1189.vb_a_b_7c8fd5fde is affected.
Version 1175.1179.vea_f7532629e1 is unaffected.

Exploit Probability

EPSS

0.32%

Percentile

54.54%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Jenkins Script Security Plugin SHA-1 Collision VulnerabilityCVE-2022-45379 Published on November 15, 2022

Products Associated with CVE-2022-45379

Affected Versions

Exploit Probability

Jenkins Script Security Plugin SHA-1 Collision Vulnerability
CVE-2022-45379 Published on November 15, 2022