cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-43502,https://securityvulnerability.io/vulnerability/CVE-2023-43502,,A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers to delete Failure Causes.,Jenkins,Jenkins Build Failure Analyzer Plugin,4.3,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2023-09-20T17:15:00.000Z,0
CVE-2023-43499,https://securityvulnerability.io/vulnerability/CVE-2023-43499,,"Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier does not escape Failure Cause names in build logs, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or update Failure Causes.",Jenkins,Jenkins Build Failure Analyzer Plugin,5.4,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2023-09-20T17:15:00.000Z,0
CVE-2023-43501,https://securityvulnerability.io/vulnerability/CVE-2023-43501,,A missing permission check in Jenkins Build Failure Analyzer Plugin 2.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password.,Jenkins,Jenkins Build Failure Analyzer Plugin,6.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2023-09-20T17:15:00.000Z,0
CVE-2023-43500,https://securityvulnerability.io/vulnerability/CVE-2023-43500,CSRF Vulnerability in Jenkins Build Failure Analyzer Plugin by Jenkins,"A cross-site request forgery (CSRF) flaw exists in the Jenkins Build Failure Analyzer Plugin, versions 2.4.1 and earlier, which permits attackers to trick users into executing unwanted actions. This security issue enables an attacker to connect to a maliciously specified hostname and port by exploiting user credentials without their consent, compromising the integrity of the affected Jenkins setup. Users should review their systems and apply necessary updates to mitigate the risks associated with this vulnerability.",Jenkins,Jenkins Build Failure Analyzer Plugin,8.8,HIGH,0.000750000006519258,false,false,false,false,,false,false,2023-09-20T17:15:00.000Z,0
CVE-2020-2244,https://securityvulnerability.io/vulnerability/CVE-2020-2244,,"Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to provide console output for builds used to test build log indications.",Jenkins,Jenkins Build Failure Analyzer Plugin,5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2020-09-01T13:50:32.000Z,0
CVE-2019-16554,https://securityvulnerability.io/vulnerability/CVE-2019-16554,,A missing permission check in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers with Overall/Read permission to have Jenkins evaluate a computationally expensive regular expression.,Jenkins,Jenkins Build Failure Analyzer Plugin,4.3,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2019-12-17T14:40:47.000Z,0
CVE-2019-16555,https://securityvulnerability.io/vulnerability/CVE-2019-16555,,"A user-supplied regular expression in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier was processed in a way that wasn't interruptible, allowing attackers to have Jenkins evaluate a regular expression without the ability to interrupt this process.",Jenkins,Jenkins Build Failure Analyzer Plugin,6.5,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2019-12-17T14:40:47.000Z,0
CVE-2019-16553,https://securityvulnerability.io/vulnerability/CVE-2019-16553,,A cross-site request forgery vulnerability in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers to have Jenkins evaluate a computationally expensive regular expression.,Jenkins,Jenkins Build Failure Analyzer Plugin,8.8,HIGH,0.0008800000068731606,false,false,false,false,,false,false,2019-12-17T14:40:46.000Z,0