pkg:maven/org.jenkins-ci.plugins/coverity
Type
maven
Namespace
org.jenkins-ci.plugins
Name
coverity
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/coverity package.
High
3
Moderate
1
Medium
1
Low
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 1.11.4 |
CVE-2022-36919
|
JENKINS:SECURITY-2790-1 | Missing permission check in `coverity` allows enumerating credentials IDs | medium |
2022-07-27T00:00:00
(2 years ago) |
|
Affected | <= 1.11.4 |
CVE-2022-36920
CVE-2022-36921 |
JENKINS:SECURITY-2790-2 | CSRF vulnerability and missing permission check in `coverity` allow capturing credentials | high |
2022-07-27T00:00:00
(2 years ago) |
|
Affected | <= 1.11.4 |
CVE-2022-36920
|
MAVEN:GHSA-5X3F-7M52-9CGF | Jenkins Coverity Plugin vulnerable to cross-site request forgery (CSRF) | high |
2022-07-28T00:00:42
(2 years ago) |
|
Affected | <= 1.11.4 |
CVE-2022-36921
|
MAVEN:GHSA-99MQ-HW5M-GWJJ | Missing permission check in Coverity Plugin allows capturing credentials | high |
2022-07-28T00:00:42
(2 years ago) |
|
Affected | <= 1.10.0 |
CVE-2018-1000104
|
MAVEN:GHSA-CGHG-JCV6-4V5M | Jenkins Coverity Plugin has Insufficiently Protected Credentials | low |
2022-05-13T01:48:31
(2 years ago) |
|
Fixed | = 1.11.0 |
CVE-2018-1000104
|
MAVEN:GHSA-CGHG-JCV6-4V5M | Jenkins Coverity Plugin has Insufficiently Protected Credentials | low |
2022-05-13T01:48:31
(2 years ago) |
|
Affected | <= 1.11.4 |
CVE-2022-36919
|
MAVEN:GHSA-X7W4-VFRH-FC3H | Jenkins Coverity Plugin allows attackers with Overall/Read permission to enumerate credentials IDs | moderate |
2022-07-28T00:00:42
(2 years ago) |