VYPR

Coverage Plugin

by Jenkins Project

Source repositories

CVEs (1)

  • CVE-2025-67641Dec 10, 2025
    risk 0.00cvss epss 0.00

    Jenkins Coverage Plugin 2.3054.ve1ff7b_a_a_123b_ and earlier does not validate the configured coverage results ID when creating coverage results, only when submitting the job configuration through the UI, allowing attackers with Item/Configure permission to use a `javascript:`…