CVE-2022-0538 — Vulnetix

CVE-2022-0538 PUBLISHED

Jenkins LTS 2.319.2 and earlier defines custom XStream converters that have not been updated to apply the protections for the vulnerability CVE-2021-43859 and allow unconstrained resource usage.

EPSS 0.50% · 66.1th percentile

Risk Scores

EPSS Score

0.50%

66.1th percentile

Affected Products

Vendor	Product	Versions
Bitnami	jenkins	0
Bitnami	jenkins	0

Timeline

Feb 9, 2022 CVE Published
Feb 10, 2022 EPSS Score
Apr 3, 2022 EPSS Score
May 26, 2022 EPSS Score
Sep 8, 2022 EPSS Score
Oct 31, 2022 EPSS Score
Dec 22, 2022 EPSS Score
Feb 12, 2023 EPSS Score
Apr 5, 2023 EPSS Score
May 28, 2023 EPSS Score
Jul 19, 2023 EPSS Score
Sep 9, 2023 EPSS Score

References

http://www.openwall.com/lists/oss-security/2022/02/09/1 url
https://www.jenkins.io/security/advisory/2022-02-09/#SECURITY-2602 url
https://nvd.nist.gov/vuln/detail/CVE-2022-0538 url

Open in Interactive Console →