org.jenkins-ci.plugins:pipeline-input-step (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.jenkins-ci.plugins:pipeline-input-step, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2022-43407 — CVSS 8.8 (high): Jenkins Pipeline: Input Step Plugin 451.vf1a_a_4f405289 and earlier does not restrict or sanitize the optionally specified ID of the…
CVE-2017-1000108 — CVSS 7.5 (high): The Pipeline: Input Step Plugin by default allowed users with Item/Read access to a pipeline to interact with the step to provide input…
CVE-2022-34177 — CVSS 7.5 (high): Jenkins Pipeline: Input Step Plugin 448.v37cea_9a_10a_70 and earlier archives files uploaded for `file` parameters for Pipeline `input`…