Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-20617 PoC — Jenkins 插件 操作系统命令注入漏洞

Source
https://github.com/shoucheng3/jenkinsci__docker-commons-plugin_CVE-2022-20617_1-17
Associated Vulnerability
Title:Jenkins 插件 操作系统命令注入漏洞 (CVE-2022-20617)
Description:Jenkins和Jenkins 插件都是Jenkins开源的产品。Jenkins是一个应用软件。一个开源自动化服务器Jenkins提供了数百个插件来支持构建,部署和自动化任何项目。Jenkins 插件是一个应用软件。 Jenkins Docker Commons Plugin 存在操作系统命令注入漏洞,该漏洞源于 Jenkins Docker Commons Plugin 1.17 版本及更早版本不会清理图像或标签的名称,导致操作系统命令执行漏洞可被具有项目/配置权限的攻击者利用或能够控制先前配置的作业的
Readme
# Docker Commons API Plugin for Jenkins

[![Join the chat at https://gitter.im/jenkinsci/docker](https://badges.gitter.im/jenkinsci/docker.svg)](https://gitter.im/jenkinsci/docker?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
[![Jenkins Plugin](https://img.shields.io/jenkins/plugin/v/docker-commons.svg)](https://plugins.jenkins.io/docker-commons)
[![GitHub release](https://img.shields.io/github/release/jenkinsci/docker-commons-plugin.svg?label=changelog)](https://github.com/jenkinsci/docker-commons-plugin/releases/latest)
[![Jenkins Plugin Installs](https://img.shields.io/jenkins/plugin/i/role-strategy.svg?color=blue)](https://plugins.jenkins.io/docker-commons)

API plugin, which provides the common shared functionality for various Docker-related plugins.

## Summary

* API for managing Docker image and container fingerprints
* Credentials and location of Docker Registry
* Credentials and location of Docker Daemon (aka Docker Remote API)
* <code>ToolInstallation</code> for Docker CLI clients
* <code>DockerImageExtractor</code> extension point to get Docker image relations from jobs
* Simple UI referring related image fingerprints in Docker builds
* etc.

## Use-cases

### Credentials and locations

This allows users to configure one set of endpoint/credentials and use it across all the Docker related plugins, 
thereby keeping configuration more [DRY](http://en.wikipedia.org/wiki/Don%27t_repeat_yourself).

See [Docker Pipeline Plugin](https://plugins.jenkins.io/docker-workflow) for the typical usage.

## Declarative pipeline example

An example on how to bind Docker host/daemon credentials in a declarative pipeline: 

```groovy
pipeline {
  agent any
  tools {
    // a bit ugly because there is no `@Symbol` annotation for the DockerTool
    // see the discussion about this in PR 77 and PR 52: 
    // https://github.com/jenkinsci/docker-commons-plugin/pull/77#discussion_r280910822
    // https://github.com/jenkinsci/docker-commons-plugin/pull/52
    'org.jenkinsci.plugins.docker.commons.tools.DockerTool' '18.09'
  }
  environment {
    DOCKER_CERT_PATH = credentials('id-for-a-docker-cred')
  }
  stages {
    stage('foo') {
      steps {
        sh "docker version" // DOCKER_CERT_PATH is automatically picked up by the Docker client
      }
    }
  }
}
```

## License

[MIT License](http://opensource.org/licenses/MIT)

## Changelog

* See [GitHub Releases](https://github.com/jenkinsci/docker-commons-plugin/releases/latest) for the recent versions
* See [the release notes archive](./CHANGELOG.md) for version `1.15` and older
File Snapshot

 [4.0K]  /data/pocs/6a434fa51b079a2ab35c431ae7ff85ba55ad2126
├── [5.2K]  CHANGELOG.md
├── [4.0K]  docs
│   └── [4.0K]  images
│       ├── [ 253]  add.svg
│       ├── [ 366]  error.svg
│       └── [ 289]  information.svg
├── [  14]  Jenkinsfile
├── [1.1K]  LICENSE.txt
├── [6.1K]  pom.xml
├── [2.5K]  README.md
└── [4.0K]  src
    ├── [4.0K]  main
    │   ├── [4.0K]  java
    │   │   └── [4.0K]  org
    │   │       └── [4.0K]  jenkinsci
    │   │           └── [4.0K]  plugins
    │   │               └── [4.0K]  docker
    │   │                   └── [4.0K]  commons
    │   │                       ├── [4.0K]  credentials
    │   │                       │   ├── [ 16K]  DockerRegistryEndpoint.java
    │   │                       │   ├── [7.7K]  DockerRegistryToken.java
    │   │                       │   ├── [1.8K]  DockerServerCredentialsBinding.java
    │   │                       │   ├── [2.4K]  DockerServerCredentialsHandler.java
    │   │                       │   ├── [4.4K]  DockerServerCredentials.java
    │   │                       │   ├── [1.6K]  DockerServerDomainRequirement.java
    │   │                       │   ├── [2.7K]  DockerServerDomainSpecification.java
    │   │                       │   ├── [9.5K]  DockerServerEndpoint.java
    │   │                       │   ├── [2.0K]  KeyMaterialContext.java
    │   │                       │   ├── [4.6K]  KeyMaterialFactory.java
    │   │                       │   └── [3.1K]  KeyMaterial.java
    │   │                       ├── [2.2K]  DockerCommonsPlugin.java
    │   │                       ├── [2.9K]  DockerImageExtractor.java
    │   │                       ├── [4.0K]  fingerprint
    │   │                       │   ├── [4.1K]  ContainerRecord.java
    │   │                       │   ├── [2.7K]  DockerAncestorFingerprintFacet.java
    │   │                       │   ├── [2.3K]  DockerDescendantFingerprintFacet.java
    │   │                       │   ├── [4.8K]  DockerFingerprintAction.java
    │   │                       │   ├── [1.8K]  DockerFingerprintFacet.java
    │   │                       │   ├── [ 13K]  DockerFingerprints.java
    │   │                       │   ├── [2.2K]  DockerRunFingerprintFacet.java
    │   │                       │   └── [3.1K]  DockerRunPtrFingerprintFacet.java
    │   │                       ├── [4.0K]  impl
    │   │                       │   ├── [5.2K]  CompositeKeyMaterialFactory.java
    │   │                       │   ├── [2.1K]  NullKeyMaterialFactory.java
    │   │                       │   ├── [5.4K]  RegistryKeyMaterialFactory.java
    │   │                       │   ├── [2.6K]  ServerHostKeyMaterialFactory.java
    │   │                       │   ├── [2.2K]  ServerKeyMaterialFactoryFromDockerCredentials.java
    │   │                       │   ├── [4.9K]  ServerKeyMaterialFactory.java
    │   │                       │   └── [2.4K]  UsernamePasswordDockerRegistryTokenSource.java
    │   │                       └── [4.0K]  tools
    │   │                           ├── [8.1K]  DockerToolInstaller.java
    │   │                           └── [5.7K]  DockerTool.java
    │   ├── [4.0K]  resources
    │   │   ├── [1.2K]  index.jelly
    │   │   ├── [4.0K]  lib
    │   │   │   └── [4.0K]  docker
    │   │   │       └── [4.0K]  commons
    │   │   │           ├── [2.3K]  selectDockerTool.jelly
    │   │   │           └── [   1]  taglib
    │   │   └── [4.0K]  org
    │   │       └── [4.0K]  jenkinsci
    │   │           └── [4.0K]  plugins
    │   │               └── [4.0K]  docker
    │   │                   └── [4.0K]  commons
    │   │                       ├── [4.0K]  credentials
    │   │                       │   ├── [4.0K]  DockerRegistryEndpoint
    │   │                       │   │   ├── [1.4K]  config.jelly
    │   │                       │   │   └── [ 176]  help-url.html
    │   │                       │   ├── [4.0K]  DockerServerCredentials
    │   │                       │   │   └── [1.7K]  credentials.jelly
    │   │                       │   ├── [4.0K]  DockerServerCredentialsBinding
    │   │                       │   │   ├── [1.3K]  config-variables.jelly
    │   │                       │   │   └── [ 339]  help-variable.html
    │   │                       │   ├── [4.0K]  DockerServerDomainSpecification
    │   │                       │   │   └── [ 155]  help.jelly
    │   │                       │   └── [4.0K]  DockerServerEndpoint
    │   │                       │       ├── [1.4K]  config.jelly
    │   │                       │       └── [ 244]  help-uri.html
    │   │                       ├── [4.0K]  fingerprint
    │   │                       │   └── [4.0K]  DockerFingerprintAction
    │   │                       │       ├── [3.3K]  index.jelly
    │   │                       │       └── [  33]  index.properties
    │   │                       ├── [ 195]  Messages.properties
    │   │                       └── [4.0K]  tools
    │   │                           ├── [4.0K]  DockerTool
    │   │                           │   ├── [1.4K]  config.jelly
    │   │                           │   └── [ 136]  help-home.html
    │   │                           ├── [4.0K]  DockerToolInstaller
    │   │                           │   ├── [1.3K]  config.jelly
    │   │                           │   └── [ 347]  help-version.html
    │   │                           └── [1.2K]  Messages.properties
    │   └── [4.0K]  webapp
    │       └── [4.0K]  images
    │           ├── [4.0K]  16x16
    │           │   └── [ 785]  docker.png
    │           ├── [4.0K]  24x24
    │           │   └── [1.3K]  docker.png
    │           ├── [4.0K]  32x32
    │           │   └── [1.7K]  docker.png
    │           └── [4.0K]  48x48
    │               └── [2.7K]  docker.png
    └── [4.0K]  test
        ├── [4.0K]  java
        │   └── [4.0K]  org
        │       └── [4.0K]  jenkinsci
        │           └── [4.0K]  plugins
        │               └── [4.0K]  docker
        │                   └── [4.0K]  commons
        │                       ├── [4.5K]  CasCTest.java
        │                       ├── [3.5K]  ConfigTest.java
        │                       ├── [4.0K]  credentials
        │                       │   ├── [6.9K]  DockerRegistryEndpointTest.java
        │                       │   ├── [6.4K]  DockerServerCredentialsBindingTest.java
        │                       │   ├── [4.8K]  DockerServerCredentialsHandlerTest.java
        │                       │   ├── [6.4K]  DockerServerCredentialsTest.java
        │                       │   ├── [2.8K]  DockerServerDomainSpecificationTest.java
        │                       │   └── [4.4K]  DockerServerEndpointTest.java
        │                       ├── [4.0K]  fingerprint
        │                       │   ├── [1.8K]  DockerFingerprintsTest.java
        │                       │   └── [3.0K]  DockerRunFingerprintFacetTest.java
        │                       ├── [4.0K]  impl
        │                       │   └── [8.2K]  RegistryKeyMaterialFactoryTest.java
        │                       ├── [4.0K]  tools
        │                       │   ├── [6.9K]  DockerToolInstallerTest.java
        │                       │   └── [2.6K]  DockerToolTest.java
        │                       └── [4.0K]  util
        │                           └── [3.9K]  SampleDockerBuilder.java
        └── [4.0K]  resources
            └── [4.0K]  org
                └── [4.0K]  jenkinsci
                    └── [4.0K]  plugins
                        └── [4.0K]  docker
                            └── [4.0K]  commons
                                ├── [ 612]  casc_bare.yaml
                                ├── [ 618]  casc_symbols.yaml
                                ├── [4.0K]  credentials
                                │   ├── [4.0K]  DockerServerCredentialsBindingTest
                                │   │   ├── [ 487]  basics-Jenkinsfile
                                │   │   ├── [ 387]  basics-step1.bat
                                │   │   ├── [ 833]  basics-step1.sh
                                │   │   ├── [ 171]  basics-step2.bat
                                │   │   └── [ 322]  basics-step2.sh
                                │   └── [4.0K]  DockerServerCredentialsHandlerTest
                                │       ├── [ 493]  basics-Jenkinsfile
                                │       ├── [ 387]  basics-step1.bat
                                │       └── [ 833]  basics-step1.sh
                                └── [4.0K]  util
                                    └── [4.0K]  SampleDockerBuilder
                                        └── [1.3K]  config.jelly

63 directories, 86 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.