Jenkins Jacoco
By the Year
In 2023 there have been 1 vulnerability in Jenkins Jacoco with an average score of 5.4 out of ten. Jacoco did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2023 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 1 | 5.40 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Jacoco vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Jacoco Security Vulnerabilities
Jenkins JaCoCo Plugin 3.3.2 and earlier does not escape class and method names shown on the UI
CVE-2023-28669
5.4 - Medium
- April 02, 2023
Jenkins JaCoCo Plugin 3.3.2 and earlier does not escape class and method names shown on the UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control input files for the 'Record JaCoCo coverage report' post-build action.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Jacoco or by Jenkins? Click the Watch button to subscribe.
