VulnerableCode Package Details - pkg:maven/org.jenkins-ci.plugins/pipeline-build-step@2.5

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.jenkins-ci.plugins/pipeline-build-step@2.5

Essentials
History (2)

purl	pkg:maven/org.jenkins-ci.plugins/pipeline-build-step@2.5

Next non-vulnerable version	2.5.1
Latest non-vulnerable version	2.18.1
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-1xxf-tjs3-zydm Aliases: CVE-2017-1000089 GHSA-8jx9-7j5m-79x4	Incorrect Default Permissions Builds in Jenkins are associated with an authentication that controls the permissions that the build has to interact with other elements in Jenkins.	2.5.1 Affected by 0 other vulnerabilities. 2.6 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-1xxf-tjs3-zydm
Aliases:
CVE-2017-1000089
GHSA-8jx9-7j5m-79x4

Incorrect Default Permissions Builds in Jenkins are associated with an authentication that controls the permissions that the build has to interact with other elements in Jenkins.

2.5.1
Affected by 0 other vulnerabilities.

2.6
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T16:01:38.161920+00:00	GHSA Importer	Affected by	VCID-1xxf-tjs3-zydm	https://github.com/advisories/GHSA-8jx9-7j5m-79x4	38.0.0
2026-04-01T12:47:23.649053+00:00	GitLab Importer	Affected by	VCID-1xxf-tjs3-zydm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.plugins/pipeline-build-step/CVE-2017-1000089.yml	38.0.0