PT-2022-20403 · Jenkins · Jenkins Repo Plugin+1

Daniel Beck · Published 2022-05-17 · Updated 2023-12-21 · CVE-2022-30949

CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Jenkins REPO Plugin versions 1.14.0 and earlier

Description: The issue allows attackers who can configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system by using local paths as SCM URLs. This lets them obtain limited information about other projects' SCM contents. Historically, in Jenkins only agents checked out from SCM; if multiple projects share the same agent, there is no expected isolation between builds beyond the use of different workspaces, unless overridden. Some Pipeline-related features check out SCMs from the Jenkins controller as well. SCMs support a number of URL schemes, including local file system paths, for example via file: URLs.

Recommendations: For Jenkins REPO Plugin versions 1.14.0 and earlier, consider updating to a version later than 1.14.0 to resolve the issue. As a temporary workaround, restrict the configuration of pipelines to trusted users to minimize the risk of exploitation. Additionally, restrict access to the Jenkins controller's file system to prevent unauthorized checkout of SCM repositories.
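The description above comes down to one input-validation gap: an SCM URL taken from pipeline configuration is handed to a checkout that runs on the controller, and a file: URL or a bare local path makes that checkout read the controller's own disk. The following is an added illustration of the check a defender would want in front of such a checkout; it is not the Jenkins project's or the REPO plugin's code. The allow-list of remote schemes, the treatment of scp-style `user@host:path` syntax as remote, and the sample URLs are all assumptions of this example.

```python
"""Classify SCM URLs so that checkouts run on a controller cannot be pointed
at its local file system.  Added example for the advisory above; the policy
it encodes is an assumption, not a Jenkins or REPO plugin setting."""
import re
from urllib.parse import urlsplit

# Schemes a pipeline may check out from (assumed policy).
ALLOWED_REMOTE_SCHEMES = {"https", "http", "ssh", "git"}

# scp-like syntax ("git@example.invalid:org/repo.git") has no scheme but is
# remote; recognise it before falling back to scheme parsing (assumed rule).
SCP_LIKE = re.compile(r"^[A-Za-z0-9._-]+@[A-Za-z0-9._-]+:.+$")


def classify_scm_url(url: str) -> str:
    """Return 'remote', 'local', or 'unknown-scheme' for an SCM URL.

    'local' covers the forms the advisory warns about: file: URLs and bare
    paths (absolute, relative, ~/ or drive-letter) that a checkout on the
    controller would resolve against its own file system.
    """
    candidate = url.strip()
    if not candidate:
        return "local"          # empty: could only resolve relative to cwd
    if SCP_LIKE.match(candidate):
        return "remote"
    scheme = urlsplit(candidate).scheme.lower()
    if scheme == "file":
        return "local"
    if scheme == "":
        return "local"          # "/var/lib/jenkins/x", "../x", "~/x"
    if len(scheme) == 1 and scheme.isalpha():
        return "local"          # "C:\\repos\\x": the drive letter parses as a scheme
    if scheme in ALLOWED_REMOTE_SCHEMES:
        return "remote"
    return "unknown-scheme"


def reject_local_checkouts(urls):
    """Split SCM URLs into (accepted, rejected) lists of (url, verdict).

    Anything not classified 'remote' is rejected: fail closed on schemes
    we do not recognise instead of guessing what a checkout would do.
    """
    accepted, rejected = [], []
    for url in urls:
        verdict = classify_scm_url(url)
        (accepted if verdict == "remote" else rejected).append((url, verdict))
    return accepted, rejected


# Constructed sample input: URLs as they might appear in a pipeline's SCM
# configuration (hostnames use the reserved .invalid TLD).
SAMPLE_URLS = [
    "https://example.invalid/team/app.git",
    "git@example.invalid:team/app.git",
    "file:///var/lib/jenkins/workspace/other-project",
    "/var/lib/jenkins/jobs/other-project/workspace",
    "../../other-project",
    "C:\\Jenkins\\workspace\\other-project",
    "ftp://example.invalid/repo",
]

if __name__ == "__main__":
    ok, bad = reject_local_checkouts(SAMPLE_URLS)
    for url, verdict in bad:
        print(f"REJECT {verdict:15} {url}")
    for url, verdict in ok:
        print(f"accept {verdict:15} {url}")
```

Two design points carry over to any real implementation: parse the URL and decide on its scheme rather than searching for the substring "file:", since a bare path has no scheme at all and a Windows drive letter parses as one; and treat the scheme list as an allow-list, so a scheme the checker has never seen is rejected rather than passed through to the SCM client.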

Fix

Path traversal

Weakness Enumeration

Related Identifiers: CVE-2022-30949, GHSA-8VFC-FCR2-47PJ

Affected Products: Jenkins, Jenkins Repo Plugin