Coverity Plugin

CVEs (3)

CVE	Vendor / Product	CVSS	Published	Description
CVE-2022-36921	Jenkins Project Coverity Plugin	—	Jul 27, 2022	A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2022-36920	Jenkins Project Coverity Plugin	—	Jul 27, 2022	A cross-site request forgery (CSRF) vulnerability in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2022-36919	Jenkins Project Coverity Plugin	—	Jul 27, 2022	A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

CVE-2022-36921Jul 27, 2022
Jenkins Project
Coverity Plugin
risk 0.00cvss —epss 0.00
A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2022-36920Jul 27, 2022
Jenkins Project
Coverity Plugin
risk 0.00cvss —epss 0.00
A cross-site request forgery (CSRF) vulnerability in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2022-36919Jul 27, 2022
Jenkins Project
Coverity Plugin
risk 0.00cvss —epss 0.00
A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.