CVE-2025-58459
Jenkins global-build-stats Plugin 322.v22f4db_18e2dd and earlier does not perform permission checks in its REST API endpoints, allowing attackers with Overall/Read permission to enumerate graph IDs.
| Software | From | Fixed in |
|---|---|---|
org.jenkins-ci.plugins / global-build-stats
|
- | 347.v32a |
| jenkins / global_build_stats | - | 322.v22f4db_18e2dd.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime