Build Failure Analyzer Security Vulnerabilities

CVE-2023-43502

A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to delete Failure...

CVSS 4.3, AI Score 4.5, EPSS 0.0005

2023-09-20 05:15 PM

CVE-2023-43500

A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and...

CVSS 8.8, AI Score 8.7, EPSS 0.001

2023-09-20 05:15 PM

CVE-2023-43501

A missing permission check in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and...

CVSS 6.5, AI Score 6.2, EPSS 0.0005

2023-09-20 05:15 PM

CVE-2023-43499

Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier does not escape Failure Cause names in build logs, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or update Failure...

CVSS 5.4, AI Score 5.2, EPSS 0.001

2023-09-20 05:15 PM

CVE-2020-2244

Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to provide console output for builds used to test build log...

CVSS 5.4, AI Score 5.3, EPSS 0.001

2020-09-01 02:15 PM

CVE-2019-16553

A cross-site request forgery vulnerability in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers to have Jenkins evaluate a computationally expensive regular...

CVSS 8.8, AI Score 8.5, EPSS 0.001

2019-12-17 03:15 PM

CVE-2019-16554

A missing permission check in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers with Overall/Read permission to have Jenkins evaluate a computationally expensive regular...

CVSS 4.3, AI Score 4.4, EPSS 0.001

2019-12-17 03:15 PM

CVE-2019-16555

A user-supplied regular expression in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier was processed in a way that wasn't interruptible, allowing attackers to have Jenkins evaluate a regular expression without the ability to interrupt this...

CVSS 6.5, AI Score 6.3, EPSS 0.001

2019-12-17 03:15 PM

CVE-2016-4988

Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.16.0 in Jenkins allows remote attackers to inject arbitrary web script or HTML via an unspecified...

CVSS 6.1, AI Score 6.1, EPSS 0.001

2017-02-09 03:59 PM

CVE-2013-6374

Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.5.1 for Jenkins allows remote authenticated users to inject arbitrary web script or HTML via unspecified...

AI Score 5.3, EPSS 0.001

2013-11-25 07:55 PM