Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Jenkins Subscribe
Filtered by product Coverity
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36921 1 Jenkins 1 Coverity 2022-08-03 N/A 8.1 HIGH
A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2022-36920 1 Jenkins 1 Coverity 2022-08-03 N/A 8.8 HIGH
A cross-site request forgery (CSRF) vulnerability in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2022-36919 1 Jenkins 1 Coverity 2022-08-03 N/A 4.3 MEDIUM
A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVE-2018-1000104 1 Jenkins 1 Coverity 2019-10-02 2.1 LOW 7.8 HIGH
A plaintext storage of a password vulnerability exists in Jenkins Coverity Plugin 1.10.0 and earlier in CIMInstance.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the configured keystore and private key passwords.