Jenkins Build Metrics
By the Year
In 2024 there have been 0 vulnerabilities in Jenkins Build Metrics . Build Metrics did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 2 | 4.85 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 1 | 6.10 |
2018 | 0 | 0.00 |
It may take a day or so for new Build Metrics vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Build Metrics Security Vulnerabilities
Jenkins build-metrics Plugin 1.3 and earlier does not perform permission checks in multiple HTTP endpoints
CVE-2022-34785
4.3 - Medium
- June 30, 2022
Jenkins build-metrics Plugin 1.3 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to obtain information about jobs otherwise inaccessible to them.
AuthZ
Jenkins build-metrics Plugin 1.3 does not escape the build description on one of its views
CVE-2022-34784
5.4 - Medium
- June 30, 2022
Jenkins build-metrics Plugin 1.3 does not escape the build description on one of its views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Build/Update permission.
XSS
A reflected cross-site scripting vulnerability in Jenkins build-metrics Plugin
CVE-2019-10475
6.1 - Medium
- October 23, 2019
A reflected cross-site scripting vulnerability in Jenkins build-metrics Plugin allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Build Metrics or by Jenkins? Click the Watch button to subscribe.