Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Input Step Plugin Security Vulnerabilities

cve
cve

CVE-2022-43407

Jenkins Pipeline: Input Step Plugin 451.vf1a_a_4f405289 and earlier does not restrict or sanitize the optionally specified ID of the 'input' step, which is used for the URLs that process user interactions for the given 'input' step (proceed or abort) and is not correctly encoded, allowing...

8.8CVSS

8.5AI Score

0.001EPSS

2022-10-19 04:15 PM
68
4
cve
cve

CVE-2017-1000108

The Pipeline: Input Step Plugin by default allowed users with Item/Read access to a pipeline to interact with the step to provide input. This has been changed, and now requires users to have the Item/Build permission...

7.5CVSS

7.3AI Score

0.001EPSS

2022-10-03 04:23 PM
48
cve
cve

CVE-2022-34177

Jenkins Pipeline: Input Step Plugin 448.v37cea_9a_10a_70 and earlier archives files uploaded for file parameters for Pipeline input steps on the controller as part of build metadata, using the parameter name without sanitization as a relative path inside a build-related directory, allowing...

7.5CVSS

7.5AI Score

0.001EPSS

2022-06-23 05:15 PM
91
4