CVE-2022-36920
- EPSS 0.1%
- Veröffentlicht 27.07.2022 15:15:13
- Zuletzt bearbeitet 21.11.2024 07:14:05
A cross-site request forgery (CSRF) vulnerability in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials s...
CVE-2022-36921
- EPSS 0.55%
- Veröffentlicht 27.07.2022 15:15:13
- Zuletzt bearbeitet 21.11.2024 07:14:05
A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credent...
CVE-2022-36919
- EPSS 0.4%
- Veröffentlicht 27.07.2022 15:15:12
- Zuletzt bearbeitet 21.11.2024 07:14:05
A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVE-2018-1000104
- EPSS 0.01%
- Veröffentlicht 13.03.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:39:39
A plaintext storage of a password vulnerability exists in Jenkins Coverity Plugin 1.10.0 and earlier in CIMInstance.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser (e.g. malicious extensi...