The package com.google.cloud.tools:jib-core before 0.22.0 are vulnerable to Remote Code Execution (RCE) via the isDockerInstalled function, due to attempting to execute input.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2022-6750 | The package com.google.cloud.tools:jib-core before 0.22.0 are vulnerable to Remote Code Execution (RCE) via the isDockerInstalled function, due to attempting to execute input. |
![]() |
GHSA-936v-cg49-m2g5 | com.google.cloud.tools:jib-core vulnerable to Remote Code Execution (RCE) |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: snyk
Published:
Updated: 2024-09-17T00:11:32.255Z
Reserved: 2022-02-24T00:00:00
Link: CVE-2022-25914

No data.

Status : Modified
Published: 2022-09-08T05:15:07.497
Modified: 2024-11-21T06:53:12.377
Link: CVE-2022-25914


No data.