CVE Vulnerabilities

CVE-2022-43410

Published: Oct 19, 2022 | Modified: May 08, 2025
CVSS 3.x
5.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
5.3 MODERATE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Ubuntu
root.io minimus.io echohq.com

Jenkins Mercurial Plugin 1251.va_b_121f184902 and earlier provides information about which jobs were triggered or scheduled for polling through its webhook endpoint, including jobs the user has no permission to access.

Affected Software

Name Vendor Start Version End Version
Mercurial Jenkins * 1251.va_b_121f184902 (including)
OCP-Tools-4.12-RHEL-8 RedHat jenkins-2-plugins-0:4.12.1675702407-1.el8 *

References