VYPR
High severityNVD Advisory· Published Nov 15, 2022· Updated Aug 3, 2024

CVE-2022-45379

CVE-2022-45379

Description

Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.jenkins-ci.plugins:script-securityMaven
< 1190.v65867a_a_471261190.v65867a_a_47126

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

1