Black Duck Coverity vulnerabilities
2 known vulnerabilities affecting black_duck/coverity.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2026-1496P2CRITICALCVSS 9.3≥ 2024.3.0, < 2025.12.02026-03-27
CVE-2026-1496 [CRITICAL] CWE-639 CVE-2026-1496: Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for comman
Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for command line tooling that makes it vulnerable to an authentication bypass. A malicious actor with access to the /token API endpoint that either knows or guesses a valid username, can use this in a specially crafted HTTP request to bypass authentication. Suc
nvd
CVE-2024-12021P3HIGHCVSS 8.5fixed in 2024.9.02025-03-31
CVE-2024-12021 [HIGH] CWE-79 CVE-2024-12021: Coverity versions prior to 2024.9.0 are vulnerable to stored cross-site scripting (XSS) in various a
Coverity versions prior to 2024.9.0 are vulnerable to stored cross-site scripting (XSS) in various administrative interfaces. The impact of exploitation may result in the compromise of local accounts managed by the Coverity platform as well as other standard impacts resulting from cross-site scripting.
nvd