org.jenkins-ci.plugins:docker-build-step is vulnerable to Improper Authorization. The vulnerability is due to inadequate permission validation, allowing attackers with Overall/Read permission to connect to attacker-specified TCP or Unix socket URLs and reconfigure the plugin using provided connection test parameters, affecting future build step executions.
CPE | Name | Operator | Version |
---|---|---|---|
docker-build-step | le | 2.11 | |
docker-build-step | le | 2.11 |