PT-2022-17121 · Jenkins · Jenkins Pipeline: Shared Groovy Libraries Plugin
Daniel Beck · Published 2022-02-15 · Updated 2023-11-30 · CVE-2022-25181
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Jenkins Pipeline: Shared Groovy Libraries Plugin versions 552.vd9cc05b8a2e1 and earlier
Description
A sandbox bypass issue allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM through crafted SCM contents, if a global Pipeline library already exists. This is possible because the plugin uses the same workspace directory for all checkouts of Pipeline libraries with the same name, regardless of the SCM being used and the source of the library configuration.
Recommendations
For Jenkins Pipeline: Shared Groovy Libraries Plugin versions 552.vd9cc05b8a2e1 and earlier, consider updating to a version that uses distinct checkout directories per SCM for Pipeline libraries, such as version 561.va_ce0de3c2d69 or later, to prevent attackers from executing arbitrary code in the context of the Jenkins controller JVM. As a temporary workaround, restrict access to the plugin's functionality for users with Item/Configure permission to minimize the risk of exploitation.
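The directory sharing described above and the per-SCM separation named in the recommendation can be modelled as a small audit over library configurations. This is an added example, not the plugin's code: the `libs/` layout, the `scm_key` string form, the digest-based naming and all sample names and hosts are assumptions made for illustration.

```python
import hashlib
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class LibraryConfig:
    name: str      # library name as configured
    scm_key: str   # string identifying the SCM type and remote (assumed form)
    source: str    # where the configuration lives, e.g. "global" or a folder


def dir_by_name(lib: LibraryConfig) -> str:
    """Affected behaviour as described: the directory depends on the name only."""
    return f"libs/{lib.name}"


def dir_per_scm(lib: LibraryConfig) -> str:
    """Corrected behaviour, modelled: a digest of the SCM key is part of the path."""
    digest = hashlib.sha256(lib.scm_key.encode("utf-8")).hexdigest()[:16]
    return f"libs/{lib.name}-{digest}"


def shared_directories(libs, dir_for):
    """Map each directory that receives checkouts from more than one SCM to its configs."""
    by_dir = defaultdict(list)
    for lib in libs:
        by_dir[dir_for(lib)].append(lib)
    return {d: group for d, group in by_dir.items()
            if len({lib.scm_key for lib in group}) > 1}


# Constructed sample configurations (hosts and names are placeholders).
LIBS = [
    LibraryConfig("build-utils", "git https://scm.example.internal/platform/build-utils.git", "global"),
    LibraryConfig("build-utils", "git https://scm.example.internal/team-a/build-utils.git", "folder:team-a"),
    LibraryConfig("deploy-steps", "git https://scm.example.internal/platform/deploy-steps.git", "global"),
    LibraryConfig("deploy-steps", "git https://scm.example.internal/platform/deploy-steps.git", "folder:team-b"),
]

if __name__ == "__main__":
    for label, scheme in (("name only", dir_by_name), ("per SCM", dir_per_scm)):
        print(label)
        for directory, group in shared_directories(LIBS, scheme).items():
            print(f"  {directory}: {[lib.source for lib in group]}")
```

On an instance that cannot be updated immediately, the name-only grouping is the one worth reviewing: any directory it reports is shared between library configurations that point at different SCMs.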
Fix
Protection Mechanism Failure
Weakness Enumeration
Related Identifiers
Affected Products
Jenkins
Jenkins Pipeline: Shared Groovy Libraries Plugin