VYPR
Moderate severity · NVD Advisory · Published Jan 12, 2022 · Updated Oct 15, 2024

CVE-2022-23113

Description

Jenkins Publish Over SSH Plugin 1.22 and earlier validates the SSH key path entered in the credentials form by checking whether the named file exists on the Jenkins controller (doCheckKeyPath in BapSshCredentialsDescriptor). The check resolves the user-supplied value relative to the Jenkins root without rejecting parent-directory segments, so it acts as a file-existence oracle: attackers with Item/Configure permission can use it to discover the names of files on the controller filesystem. Version 1.23 removes the filesystem check from the validator.
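The following is an added example, not code from the Publish Over SSH plugin or from Jenkins, that reproduces the shape of the vulnerable validator and contrasts it with the fixed behaviour. `Validation`, `checkKeyPathVulnerable`, `checkKeyPathFixed` and `checkKeyPathConfined` are hypothetical stand-ins for FormValidation and the descriptor's doCheck method, and the temporary files are constructed sample input; the point shown is that any validator whose answer depends on whether a file exists, and which does not confine the path to a root, lets the caller enumerate files on the controller.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

// Added example; hypothetical stand-ins, not plugin or Jenkins code.
public class KeyPathCheckDemo {

    // Stand-in for FormValidation: either OK or an error message shown to the form user.
    static final class Validation {
        final boolean ok;
        final String message;
        private Validation(boolean ok, String message) { this.ok = ok; this.message = message; }
        static Validation ok() { return new Validation(true, ""); }
        static Validation error(String m) { return new Validation(false, m); }
        @Override public String toString() { return ok ? "OK" : "ERROR: " + message; }
    }

    // Vulnerable shape (what 1.22 effectively did): the answer depends on whether the
    // resolved file exists, and ".." segments are not rejected, so every path on the
    // controller is reachable from the root and its existence is reported back.
    static Validation checkKeyPathVulnerable(Path root, String value) {
        Path target = root.resolve(value).normalize();
        if (!Files.exists(target)) {
            return Validation.error("No such file: " + value);
        }
        if (Files.isDirectory(target)) {
            return Validation.error("Not a file: " + value);
        }
        return Validation.ok();
    }

    // Fixed shape (what the 1.23 patch does): form validation never touches the filesystem.
    static Validation checkKeyPathFixed(String value) {
        return Validation.ok();
    }

    // Alternative hardening if some check is still wanted: confine the resolved path to the
    // root and fail closed on traversal, but give the same answer whether or not the target
    // exists, so the validator cannot be used as an existence oracle.
    static Validation checkKeyPathConfined(Path root, String value) {
        Path normalizedRoot = root.toAbsolutePath().normalize();
        Path target = normalizedRoot.resolve(value).normalize();
        if (!target.startsWith(normalizedRoot)) {
            return Validation.error("Key path must stay inside the Jenkins home");
        }
        return Validation.ok();
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample layout: a fake controller root and a file outside it.
        Path root = Files.createTempDirectory("jenkins-home");
        Path outsideFile = Files.createTempFile("outside", ".key");
        // Relative probe from the root to the outside file, e.g. "../outside123.key".
        String probe = root.relativize(outsideFile).toString();
        try {
            System.out.println("vulnerable, file exists   : " + checkKeyPathVulnerable(root, probe));
            System.out.println("vulnerable, file missing  : " + checkKeyPathVulnerable(root, "../does-not-exist.key"));
            System.out.println("fixed, any value          : " + checkKeyPathFixed(probe));
            System.out.println("confined, traversal probe : " + checkKeyPathConfined(root, probe));
            System.out.println("confined, missing in root : " + checkKeyPathConfined(root, "missing.key"));
        } finally {
            Files.deleteIfExists(outsideFile);
            Files.deleteIfExists(root);
        }
    }
}
```

Running it shows the vulnerable validator answering differently for the existing and the missing file outside the root, while the fixed and confined variants return the same result regardless of what exists on disk. The confined variant is an illustration of an alternative, not what the project shipped; the actual patch simply returns ok().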

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: org.jenkins-ci.plugins:publish-over-ssh (Maven)
Affected versions: < 1.23
Patched versions: 1.23

Affected products: 1

Patches: 1

Commit 79f6598a1727

[SECURITY-2307] do not validate file path to avoid path traversal

1 file changed · +1 −7
  • src/main/java/jenkins/plugins/publish_over_ssh/descriptor/BapSshCredentialsDescriptor.java (modified, +1 −7)
    @@ -64,13 +64,7 @@ public FormValidation doCheckKeyPath(@QueryParameter final String value) {
             if (!subject.hasPermission(Item.CONFIGURE)&&subject.hasPermission(Item.EXTENDED_READ)) {
                 return FormValidation.ok();
             }
    -        try {
    -            return Jenkins.getInstance().getRootPath().validateRelativePath(value, true, true);
    -        } catch (final IOException ioe) {
    -            return FormValidation.error(ioe, "");
    -        } catch (final NullPointerException npe) {
    -            return FormValidation.error(npe, "");
    -        }
    +        return FormValidation.ok();
         }
     
         public FormValidation doTestConnection(@QueryParameter final String configName, @QueryParameter final String username,
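Review bot: with the try block gone, both branches of doCheckKeyPath return FormValidation.ok(), so the `if (!subject.hasPermission(Item.CONFIGURE)&&subject.hasPermission(Item.EXTENDED_READ))` check that precedes it is now dead code and the `value` parameter is unused. Either collapse the method body to the single `return FormValidation.ok();` with a comment citing SECURITY-2307 explaining why the path is deliberately not validated, or keep the permission check only if a purely syntactic validation of `value` (one that never resolves it against the controller filesystem) is added in place of the removed validateRelativePath call. As committed, a future maintainer reading the surviving permission guard may assume validation still happens.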
    
