Skip to main content

Flaky Test Handler

3 CVEs product

Monthly

CVE-2023-40342 Maven MEDIUM PATCH This Month

Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XSS Flaky Test Handler
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-28140 Maven HIGH PATCH This Week

Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XXE Flaky Test Handler
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2020-2237 Maven MEDIUM PATCH This Month

A cross-site request forgery (CSRF) vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Flaky Test Handler
NVD
CVSS 3.1
4.3
EPSS
0.7%
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XSS Flaky Test Handler
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XXE Flaky Test Handler
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

A cross-site request forgery (CSRF) vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Flaky Test Handler
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy