2119642 – (CVE-2022-30945) CVE-2022-30945 Jenkins plugin: Sandbox bypass vulnerability through implicitly allowlisted platform Groovy files in Pipeline: Groovy Plugin

Bug 2119642 (CVE-2022-30945) - CVE-2022-30945 Jenkins plugin: Sandbox bypass vulnerability through implicitly allowlisted platform Groovy files in Pipeline: Groovy Plugin

Summary: CVE-2022-30945 Jenkins plugin: Sandbox bypass vulnerability through implicitl...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2022-30945
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2119640
TreeView+	depends on / blocked

Reported:	2022-08-19 04:09 UTC by Avinash Hanwate
Modified:	2023-02-20 15:28 UTC (History)
CC List:	3 users (show)
Fixed In Version:	Pipeline Groovy Plugin 2692.v76b_089ccd026
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in Jenkins Groovy Plugin. The plugin allows pipelines to load Groovy source files. The intent is to allow Global Shared Libraries to execute without sandbox protection. The issue is that the plugin allows any Groovy source files bundled with Jenkins core and plugins to be loaded this way and their methods executed. If a suitable Groovy source file is available on the classpath of Jenkins, sandbox protections can be bypassed. No Groovy source files were found in Jenkins core or plugins that could result in attackers executing dangerous code; hence successful exploitation is considered highly unlikely.
Clone Of:
Environment:
Last Closed:	2023-01-14 17:30:40 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2023:0017	0	None	None	None	2023-01-12 16:46:57 UTC

Description Avinash Hanwate 2022-08-19 04:09:09 UTC

Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines.

Comment 4 errata-xmlrpc 2023-01-12 16:46:55 UTC

This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.8

Via RHSA-2023:0017 https://access.redhat.com/errata/RHSA-2023:0017

Comment 5 Product Security DevOps Team 2023-01-14 17:30:38 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-30945

Note You need to log in before you can comment on or make changes to this bug.