VulnerableCode Package Details - pkg:maven/org.jenkins-ci.plugins.pipeline-stage-view/pipeline-stage-view@2.24.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.jenkins-ci.plugins.pipeline-stage-view/pipeline-stage-view@2.24.2

purl	pkg:maven/org.jenkins-ci.plugins.pipeline-stage-view/pipeline-stage-view@2.24.2

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-rxtr-936k-h3cc	Jenkins Pipeline: Stage View Plugin allows CSRF protection bypass of any target URL in Jenkins Jenkins Pipeline: Stage View Plugin provides a visualization of Pipeline builds. It also allows users to interact with `input` steps from Pipeline: Input Step Plugin. Pipeline: Stage View Plugin 2.26 and earlier does not correctly encode the ID of `input` steps when using it to generate URLs to proceed or abort Pipeline builds. This allows attackers able to configure Pipelines to specify `input` step IDs resulting in URLs that would bypass the CSRF protection of any target URL in Jenkins. Pipeline: Stage View Plugin 2.27 correctly encodes the ID of `input` steps when using it to generate URLs to proceed or abort Pipeline builds.	CVE-2022-43408 GHSA-g975-f26h-93g8

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T16:03:47.489972+00:00	GHSA Importer	Fixing	VCID-rxtr-936k-h3cc	https://github.com/advisories/GHSA-g975-f26h-93g8	38.0.0
2026-04-01T13:04:55.863411+00:00	GithubOSV Importer	Fixing	VCID-rxtr-936k-h3cc	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/10/GHSA-g975-f26h-93g8/GHSA-g975-f26h-93g8.json	38.0.0