GHSA-H5MV-FV98-GQMQ
Vulnerability from github – Published: 2022-05-24 17:19 – Updated: 2022-12-21 16:23
VLAI
Summary
OS command injection vulnerability in Jenkins Play Framework Plugin
Details
A form validation endpoint in Play Framework Plugin executes the play command to validate a given input file.
Play Framework Plugin 1.0.2 and earlier lets users specify the path to the play command on the Jenkins controller. This results in an OS command injection vulnerability exploitable by users able to store such a file on the Jenkins controller (e.g. through archiving artifacts).
Severity
8.8 (High)
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.plugins:play-autotest-plugin"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.0.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-2200"
],
"database_specific": {
"cwe_ids": [
"CWE-78"
],
"github_reviewed": true,
"github_reviewed_at": "2022-12-21T16:22:08Z",
"nvd_published_at": "2020-06-03T13:15:00Z",
"severity": "HIGH"
},
"details": "A form validation endpoint in Play Framework Plugin executes the `play` command to validate a given input file.\n\nPlay Framework Plugin 1.0.2 and earlier lets users specify the path to the `play` command on the Jenkins controller. This results in an OS command injection vulnerability exploitable by users able to store such a file on the Jenkins controller (e.g. through archiving artifacts).",
"id": "GHSA-h5mv-fv98-gqmq",
"modified": "2022-12-21T16:23:06Z",
"published": "2022-05-24T17:19:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2200"
},
{
"type": "PACKAGE",
"url": "https://github.com/jenkinsci/play-plugin"
},
{
"type": "WEB",
"url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1879"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2020/06/03/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "OS command injection vulnerability in Jenkins Play Framework Plugin"
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…