Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:35 a.m.4 views

SUSE CVE-2017-1000108

The Pipeline: Input Step Plugin by default allowed users with Item/Read access to a pipeline to interact with the step to provide input. This has been changed, and now requires users to have the Item/Build permission instead...

7.5CVSS6.8AI score0.01146EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/05/17 12:29 a.m.8 views

com.splunk.splunkins:splunk-devops-extend (>=1.0 <=1.7.0), com.testinium.jenkins:testinium (=1.0) +25 more potentially affected by CVE-2017-1000108 via org.jenkins-ci.plugins:pipeline-input-step (>=2.0 <=2.5)

org.jenkins-ci.plugins:pipeline-input-step MAVEN version =2.0, =1.0, =0.0.15, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.1-preview-4, =2.2.0, =1.8-beta-1, =1.8-beta-1, =2.0, =2.5 and more Source cves: CVE-2017-1000108 Source advisory: OSV:GHSA-HXPW-7X95-Q38M...

7.5CVSS7.1AI score0.01146EPSS
Exploits0
NVD
NVD
added 2017/10/05 1:29 a.m.11 views

CVE-2017-1000108

The Pipeline: Input Step Plugin by default allowed users with Item/Read access to a pipeline to interact with the step to provide input. This has been changed, and now requires users to have the Item/Build permission instead...

7.5CVSS7.4AI score0.01146EPSS
Exploits0References1
OSV
OSV
added 2017/10/05 1:29 a.m.4 views

CVE-2017-1000108

The Pipeline: Input Step Plugin by default allowed users with Item/Read access to a pipeline to interact with the step to provide input. This has been changed, and now requires users to have the Item/Build permission instead...

7.5CVSS5.7AI score0.01146EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/10/04 1:0 a.m.13 views

CVE-2017-1000108

The Pipeline: Input Step Plugin by default allowed users with Item/Read access to a pipeline to interact with the step to provide input. This has been changed, and now requires users to have the Item/Build permission instead...

7.4AI score0.01146EPSS
Exploits0References1
CVE
CVE
added 2017/10/04 1:0 a.m.79 views

CVE-2017-1000108

CVE-2017-1000108 concerns the Jenkins Pipeline: Input Step Plugin. The vulnerability arises because, by default, users with Item/Read access could interact with the input step, potentially exposing sensitive workflow interactions. The issue is mitigated by changing the permission model so that on...

7.5CVSS7.3AI score0.01146EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2017/08/16 1:19 p.m.22 views

CVE-2017-1000108

The Pipeline: Input Step Plugin by default allowed users with Item/Read access to a pipeline to interact with the step to provide input. This has been changed, and now requires users to have the Item/Build permission instead...

7.5CVSS4AI score0.01146EPSS
Exploits0References2
Rows per page
Query Builder