Loading...

This issue is archived. You can view it, but you can't modify it. Learn more

XML

Word

Printable

Type: Bug
Resolution: Duplicate
Priority: Major
Component/s: pipeline-utility-steps-plugin
Labels:
- issue-exported-to-github
Environment:
pipeline-utility-steps:2.13.0

pipeline-utility-steps plugin depends on commons-text-1.8, which is affected by the following CVE:

https://nvd.nist.gov/vuln/detail/CVE-2022-42889

is duplicated by

JENKINS-69877 CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults

Closed

Assignee:: Unassigned
Reporter:: Sandra Antunes

Created:: 2022-10-24 09:11
Updated:: 1 week ago 00:34
Resolved:: 2022-10-27 16:21
Archived:: 1 week ago 00:34