Synopsys Jenkins Coverity Plugin vulnerabilities
3 known vulnerabilities affecting synopsys/synopsys_jenkins_coverity_plugin.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2LOW1
Vulnerabilities
Page 1 of 1
CVE-2023-23850MEDIUMCVSS 4.3≥ unspecified, ≤ 3.0.22023-02-15
CVE-2023-23850 [MEDIUM] CWE-862 CVE-2023-23850: A missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers wi
A missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
cvelistv5nvd
CVE-2023-23848MEDIUMCVSS 4.3≥ unspecified, ≤ 3.0.22023-02-15
CVE-2023-23848 [MEDIUM] CWE-862 CVE-2023-23848: Missing permission checks in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allow attackers with
Missing permission checks in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
cvelistv5nvd
CVE-2023-23847LOWCVSS 3.5≥ unspecified, ≤ 3.0.22023-02-15
CVE-2023-23847 [LOW] CWE-352 CVE-2023-23847: A cross-site request forgery (CSRF) vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earl
A cross-site request forgery (CSRF) vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
cvelistv5nvd