Jenkins Pipeline Utility Steps
By the Year
In 2023 there have been 0 vulnerabilities in Jenkins Pipeline Utility Steps . Last year Pipeline Utility Steps had 1 security vulnerability published. Right now, Pipeline Utility Steps is on track to have less security vulnerabilities in 2023 than it did last year.
It may take a day or so for new Pipeline Utility Steps vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Pipeline Utility Steps Security Vulnerabilities
Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library
8.1 - High
- November 15, 2022
Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library that enable the 'file:' prefix interpolator by default, allowing attackers able to configure Pipelines to read arbitrary files from the Jenkins controller file system.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Pipeline Utility Steps or by Jenkins? Click the Watch button to subscribe.