Static Analysis Utilities Security Vulnerabilities and Issues — Static Analysis Utilities CVE List

Lucene search

JenkinsStatic Analysis Utilities

4 matches found

CVE•added 2020/11/04 3:15 p.m.•55 views

CVE-2020-2316

Jenkins Static Analysis Utilities Plugin 1.96 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

5.4CVSS5.2AI score0.00246EPSS

CVE•added 2019/04/30 1:29 p.m.•53 views

CVE-2019-10307

A cross-site request forgery vulnerability in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers to change the per-job default graph configuration for all users.

6.5CVSS6.3AI score0.00194EPSS

CVE•added 2017/10/05 1:29 a.m.•48 views

CVE-2017-1000102

The Details view of some Static Analysis Utilities based plugins, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to these plugins, for example the console output which is parsed to extract build warnings (Warnings Plugin), could insert ...

5.4CVSS5.2AI score0.00049EPSS

CVE•added 2019/04/30 1:29 p.m.•47 views

CVE-2019-10308

A missing permission check in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers with Overall/Read permission to change the per-job default graph configuration for all users.

6.5CVSS6.3AI score0.00084EPSS