Skip to main content

Cppcheck

2 CVEs product

Monthly

CVE-2023-39070 HIGH POC This Week

An issue in Cppcheck 2.12 dev allows a local attacker to execute arbitrary code via the removeContradiction parameter in token.cpp:1934. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Use After Free RCE Memory Corruption Cppcheck
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-28678 Maven MEDIUM This Month

Jenkins Cppcheck Plugin 1.26 and earlier does not escape file names from Cppcheck report files before showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XSS Cppcheck
NVD
CVSS 3.1
5.4
EPSS
0.5%
EPSS 0% CVSS 7.8
HIGH POC This Week

An issue in Cppcheck 2.12 dev allows a local attacker to execute arbitrary code via the removeContradiction parameter in token.cpp:1934. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Use After Free RCE Memory Corruption +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Jenkins Cppcheck Plugin 1.26 and earlier does not escape file names from Cppcheck report files before showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XSS Cppcheck
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy