pkg:maven/org.jenkins-ci.plugins/build-failure-analyzer
Type
maven
Namespace
org.jenkins-ci.plugins
Name
build-failure-analyzer
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/build-failure-analyzer package.
High
2
Medium
2
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | <= 1.27.0 |
CVE-2020-2244
|
 JENKINS:SECURITY-1770
|
XSS vulnerability in `build-failure-analyzer` | high |
2020-09-01T00:00:00
(4 years ago) |
|
| Fixed | = 1.27.1 |
CVE-2020-2244
|
JENKINS:SECURITY-1770
|
XSS vulnerability in `build-failure-analyzer` | high |
2020-09-01T00:00:00
(4 years ago) |
|
| Affected | <= 2.4.1 |
CVE-2023-43500
CVE-2023-43501 |
JENKINS:SECURITY-3226
|
CSRF vulnerability and missing permission check in `build-failure-analyzer` allow SSRF | medium |
2023-09-20T00:00:00
(12 months ago) |
|
| Fixed | = 2.4.2 |
CVE-2023-43500
CVE-2023-43501 |
JENKINS:SECURITY-3226
|
CSRF vulnerability and missing permission check in `build-failure-analyzer` allow SSRF | medium |
2023-09-20T00:00:00
(12 months ago) |
|
| Affected | <= 2.4.1 |
CVE-2023-43502
|
JENKINS:SECURITY-3239
|
CSRF vulnerability in `build-failure-analyzer` allows deleting Failure Causes | medium |
2023-09-20T00:00:00
(12 months ago) |
|
| Fixed | = 2.4.2 |
CVE-2023-43502
|
JENKINS:SECURITY-3239
|
CSRF vulnerability in `build-failure-analyzer` allows deleting Failure Causes | medium |
2023-09-20T00:00:00
(12 months ago) |
|
| Affected | <= 2.4.1 |
CVE-2023-43499
|
JENKINS:SECURITY-3244
|
Stored XSS vulnerability in `build-failure-analyzer` | high |
2023-09-20T00:00:00
(12 months ago) |
|
| Fixed | = 2.4.2 |
CVE-2023-43499
|
JENKINS:SECURITY-3244
|
Stored XSS vulnerability in `build-failure-analyzer` | high |
2023-09-20T00:00:00
(12 months ago) |