Coverity
by Black Duck
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-12021 | Hig | 0.55 | — | 0.00 | Mar 31, 2025 | Coverity versions prior to 2024.9.0 are vulnerable to stored cross-site scripting (XSS) in various administrative interfaces. The impact of exploitation may result in the compromise of local accounts managed by the Coverity platform as well as other standard impacts resulting… | ||
| CVE-2026-1496 | 0.00 | — | 0.00 | Mar 27, 2026 | Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for command line tooling that makes it vulnerable to an authentication bypass. A malicious actor with access to the /token API endpoint that either knows or guesses a valid username, can… | |||
| CVE-2023-1663 | 0.00 | — | 0.00 | Mar 29, 2023 | Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, which exposes authenticated resources to unauthorized actors. The root cause of this vulnerability is an insecurely configured servlet mapping for the underlying Apache Tomcat server. As a result, the… |
- risk 0.55cvss —epss 0.00
Coverity versions prior to 2024.9.0 are vulnerable to stored cross-site scripting (XSS) in various administrative interfaces. The impact of exploitation may result in the compromise of local accounts managed by the Coverity platform as well as other standard impacts resulting…
- CVE-2026-1496Mar 27, 2026risk 0.00cvss —epss 0.00
Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for command line tooling that makes it vulnerable to an authentication bypass. A malicious actor with access to the /token API endpoint that either knows or guesses a valid username, can…
- CVE-2023-1663Mar 29, 2023risk 0.00cvss —epss 0.00
Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, which exposes authenticated resources to unauthorized actors. The root cause of this vulnerability is an insecurely configured servlet mapping for the underlying Apache Tomcat server. As a result, the…