Jenkins Synopsys Coverity vulnerabilities

CVE-2023-23848 [MEDIUM] CWE-862 CVE-2023-23848: Missing permission checks in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allow attackers with Missing permission checks in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CVE-2023-23850 [MEDIUM] CWE-862 CVE-2023-23850: A missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers wi A missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

CVE-2023-23847 [LOW] CWE-352 CVE-2023-23847: A cross-site request forgery (CSRF) vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earl A cross-site request forgery (CSRF) vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.