Description
Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2022-4690 | Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins. |
Github GHSA |
GHSA-p5x5-jg3j-2jcj | OS command injection in CryptoMove Plugin |
References
History
No history.
Status: PUBLISHED
Assigner: jenkins
Published:
Updated: 2024-08-04T07:01:40.936Z
Reserved: 2019-12-05T00:00:00.000Z
Link: CVE-2020-2159
No data.
Status : Modified
Published: 2020-03-09T16:15:15.343
Modified: 2026-06-17T03:11:52.437
Link: CVE-2020-2159
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
EUVD
Github GHSA