Jenkins Global-build-stats — known CVE vulnerabilities
Every CVE whose affected-product data names Jenkins Global-build-stats, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2017-1000389 — CVSS 6.1 (medium): Some URLs provided by Jenkins global-build-stats plugin version 1.4 and earlier returned a JSON response that contained request parameters…
CVE-2022-27207 — CVSS 4.8 (medium): Jenkins global-build-stats Plugin 1.5 and earlier does not escape multiple fields in the chart configuration on the 'Global Build Stats'…