{"vulnerability": "cve-2022-2517", "sightings": [{"uuid": "b6e76338-e93f-4792-8b37-1bab9b7cecff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25171", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12067", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-25171\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P)\n\ud83d\udd39 Description: The package p4 before 0.0.7 are vulnerable to Command Injection via the run() function due to improper input sanitization\n\ud83d\udccf Published: 2022-12-21T01:21:43.830Z\n\ud83d\udccf Modified: 2025-04-16T14:42:51.719Z\n\ud83d\udd17 References:\n1. https://security.snyk.io/vuln/SNYK-JS-P4-3167330\n2. https://github.com/natelong/p4/blob/master/p4.js%23L12\n3. https://github.com/natelong/p4/commit/ae42e251beabf67c00539ec0e1d7aa149ca445fb", "creation_timestamp": "2025-04-16T14:56:37.000000Z"}, {"uuid": "ff21d925-8571-4e26-9555-3bf86f7d148c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25174", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwud7a5ggv2m", "content": "", "creation_timestamp": "2025-08-20T21:02:35.115676Z"}, {"uuid": "e6201dd3-adef-4072-9d0f-137676f90d54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25171", "type": "seen", "source": "https://t.me/cibsecurity/54948", "content": "\u203c CVE-2022-25171 \u203c\n\nThe package p4 before 0.0.7 are vulnerable to Command Injection via the run() function due to improper input sanitization\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-20T07:11:55.000000Z"}, {"uuid": "dea109a4-fbdf-481b-8b6b-954a68019b77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25178", "type": "seen", "source": "https://t.me/cibsecurity/37515", "content": "\u203c CVE-2022-25178 \u203c\n\nJenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier does not restrict the names of resources passed to the libraryResource step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-15T20:35:39.000000Z"}, {"uuid": "7962b342-35f1-4368-a69b-1dc820bbb595", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25173", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwrspzowr32u", "content": "", "creation_timestamp": "2025-08-19T21:02:25.917068Z"}, {"uuid": "d489e88d-7840-481d-92f8-1e8ef3d012aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25179", "type": "seen", "source": "https://t.me/cibsecurity/37519", "content": "\u203c CVE-2022-25179 \u203c\n\nJenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-15T20:35:44.000000Z"}, {"uuid": "fb643a9c-c717-4b96-969a-a3f118fab9dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25175", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwze4vh6qa25", "content": "", "creation_timestamp": "2025-08-22T21:02:30.428188Z"}]}