Skip to main content

Pipeline Utility Steps

2 CVEs product

Monthly

CVE-2023-32981 Maven HIGH PATCH This Week

An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Jenkins Pipeline Utility Steps
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-45381 Maven HIGH PATCH This Week

Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library that enable the 'file:'. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Apache Jenkins Pipeline Utility Steps
NVD
CVSS 3.1
8.1
EPSS
1.3%
EPSS 1% CVSS 8.8
HIGH PATCH This Week

An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Jenkins +1
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library that enable the 'file:'. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Apache Jenkins +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy