Jenkins Spring Config
By the Year
In 2023 there have been 0 vulnerabilities in Jenkins Spring Config . Last year Spring Config had 1 security vulnerability published. Right now, Spring Config is on track to have less security vulnerabilities in 2023 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 1 | 5.40 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Spring Config vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Spring Config Security Vulnerabilities
Jenkins Spring Config Plugin 2.0.0 and earlier does not escape build display names shown on the Spring Config view
CVE-2022-46687
5.4 - Medium
- December 12, 2022
Jenkins Spring Config Plugin 2.0.0 and earlier does not escape build display names shown on the Spring Config view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to change build display names.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Spring Config or by Jenkins? Click the Watch button to subscribe.
