Moderate severityNVD Advisory· Published Oct 19, 2022· Updated May 8, 2025
CVE-2022-43410
CVE-2022-43410
Description
Jenkins Mercurial Plugin 1251.va_b_121f184902 and earlier provides information about which jobs were triggered or scheduled for polling through its webhook endpoint, including jobs the user has no permission to access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:mercurialMaven | < 1260.vdfb_723cdcc81 | 1260.vdfb_723cdcc81 |
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-j7pg-863g-22p6ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-43410ghsaADVISORY
- www.openwall.com/lists/oss-security/2022/10/19/3ghsamailing-listWEB
- github.com/jenkinsci/mercurial-plugin/commit/dfb723cdcc815875cdf63abd32e314ced5e95ac9ghsaWEB
- www.jenkins.io/security/advisory/2022-10-19/ghsaWEB
News mentions
0No linked articles in our index yet.