Skip to main content

Synopsys Coverity

3 CVEs product

Monthly

CVE-2023-23850 Maven MEDIUM PATCH This Month

A missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Synopsys Coverity
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-23848 Maven MEDIUM PATCH This Month

Missing permission checks in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Synopsys Coverity
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-23847 Maven LOW PATCH Monitor

A cross-site request forgery (CSRF) vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins CSRF Synopsys Coverity
NVD
CVSS 3.1
3.5
EPSS
0.4%
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

A missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Synopsys Coverity
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Missing permission checks in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Synopsys Coverity
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

A cross-site request forgery (CSRF) vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins CSRF Synopsys Coverity
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy