Badge Jenkins Badge

Do you want an email whenever new security vulnerabilities are reported in Jenkins Badge?

By the Year

In 2024 there have been 0 vulnerabilities in Jenkins Badge . Badge did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 1 5.40
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 1 5.40

It may take a day or so for new Badge vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Jenkins Badge Security Vulnerabilities

Jenkins Badge Plugin 1.9 and earlier does not escape the description and does not check for

CVE-2022-23108 5.4 - Medium - January 12, 2022

Jenkins Badge Plugin 1.9 and earlier does not escape the description and does not check for allowed protocols when creating a badge, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

XSS

A persisted cross-site scripting vulnerability exists in Jenkins Badge Plugin 1.4 and earlier in BadgeSummaryAction.java, HtmlBadgeAction.java

CVE-2018-1000604 5.4 - Medium - June 26, 2018

A persisted cross-site scripting vulnerability exists in Jenkins Badge Plugin 1.4 and earlier in BadgeSummaryAction.java, HtmlBadgeAction.java that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI actions.

XSS

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Jenkins Badge or by Jenkins? Click the Watch button to subscribe.

Jenkins
Vendor

Jenkins Badge
Product

subscribe