CVE-2022-25914

Summary

The package com.google.cloud.tools:jib-core before 0.22.0 are vulnerable to Remote Code Execution (RCE) via the isDockerInstalled function, due to attempting to execute input.

Affected Software

VendorProductVersion RangeStatus
n/acom.google.cloud.tools:jib-coreunspecified < 0.22.0affected

Weaknesses

  • Remote Code Execution (RCE)

ADP Enrichment

CVE Program Container

Additional References

References