Medium severity6.5NVD Advisory· Published Jul 27, 2022· Updated Jun 17, 2026
CVE-2022-36894
CVE-2022-36894
Description
An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfb_f and earlier allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:clif-performance-testingMaven | < 71.v0741865e206f | 71.v0741865e206f |
Affected products
2- Jenkins project/Jenkins CLIF Performance Testing Pluginv5Range: unspecified
Patches
Vulnerability mechanics
References
5- www.openwall.com/lists/oss-security/2022/07/27/1nvdMailing ListThird Party AdvisoryWEB
- github.com/advisories/GHSA-6xf5-c3cx-67pvghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-36894ghsaADVISORY
- www.jenkins.io/security/advisory/2022-07-27/nvdVendor AdvisoryWEB
- github.com/jenkinsci/clif-performance-testing-plugin/commit/0741865e206fdb2fe4cdbad7f9956de3121c7b26ghsaWEB
News mentions
0No linked articles in our index yet.