Jenkins build failure analyzer plugin
This hub aggregates every CVE we track for Jenkins build failure analyzer plugin, a product in the devtools ci space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 8
- Critical: 0
- High: 2
- In CISA KEV: 0
Severity distribution: MEDIUM 6, HIGH 2
Monthly trend (chart, 2024-07 to 2026-06)
Latest CVEs
The 8 most recently published vulnerabilities affecting Jenkins build failure analyzer plugin.
- CVE-2023-43502: A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to delete Failure Causes. (4.3)
- CVE-2023-43500: A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-sp... (8.8)
- CVE-2023-43501: A missing permission check in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attac... (6.5)
- CVE-2023-43499: Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier does not escape Failure Cause names in build logs, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers ab... (5.4)
- CVE-2020-2244: Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response, resulting in a cross-site scripting (XSS) vulnerability exploitable by attacker... (5.4)
- CVE-2019-16554: A missing permission check in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers with Overall/Read permission to have Jenkins evaluate a computationally expensive regular exp... (4.3)
- CVE-2019-16555: A user-supplied regular expression in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier was processed in a way that wasn't interruptible, allowing attackers to have Jenkins evaluate a regula... (6.5)
- CVE-2019-16553: A cross-site request forgery vulnerability in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers to have Jenkins evaluate a computationally expensive regular expression. (8.8)
Product normalization is registry-driven with AI assist and human review.