Jenkins Build Failure Analyzer
By the Year
In 2023 there have been 0 vulnerabilities in Jenkins Build Failure Analyzer . Build Failure Analyzer did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 1 | 5.40 |
2019 | 3 | 6.53 |
2018 | 0 | 0.00 |
It may take a day or so for new Build Failure Analyzer vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Build Failure Analyzer Security Vulnerabilities
Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response
CVE-2020-2244
5.4 - Medium
- September 01, 2020
Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to provide console output for builds used to test build log indications.
XSS
A cross-site request forgery vulnerability in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier
CVE-2019-16553
8.8 - High
- December 17, 2019
A cross-site request forgery vulnerability in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers to have Jenkins evaluate a computationally expensive regular expression.
Session Riding
A missing permission check in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier
CVE-2019-16554
4.3 - Medium
- December 17, 2019
A missing permission check in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers with Overall/Read permission to have Jenkins evaluate a computationally expensive regular expression.
Incorrect Default Permissions
A user-supplied regular expression in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier was processed in a way
CVE-2019-16555
6.5 - Medium
- December 17, 2019
A user-supplied regular expression in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier was processed in a way that wasn't interruptible, allowing attackers to have Jenkins evaluate a regular expression without the ability to interrupt this process.
Resource Exhaustion
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Build Failure Analyzer or by Jenkins? Click the Watch button to subscribe.
