CVE-2022-20614
12.01.2022, 20:15
A missing permission check in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.Enginsight
Vendor | Product | Version |
---|---|---|
jenkins | mailer | 𝑥 < 1.34.2 |
jenkins | mailer | 391.ve4a_38c1b_cf4b_:ve4a_38c1b_cf4b_ |
oracle | communications_cloud_native_core_automated_test_suite | 1.9.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References