cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-35142,https://securityvulnerability.io/vulnerability/CVE-2023-35142,Vulnerability in Checkmarx Plugin for Jenkins,"The Jenkins Checkmarx Plugin prior to version 2022.4.4 is vulnerable due to disabling SSL/TLS validation by default for connections to the Checkmarx server, potentially allowing man-in-the-middle (MitM) attacks. This can expose sensitive data and compromise security protocols, putting users at risk if an attacker intercepts the communication.",Jenkins,Jenkins Checkmarx Plugin,8.1,HIGH,0.0021200000774115324,false,,false,false,false,,,false,false,,2023-06-14T13:15:00.000Z,0
CVE-2022-46684,https://securityvulnerability.io/vulnerability/CVE-2022-46684,Stored Cross-Site Scripting Vulnerability in Jenkins Checkmarx Plugin by Jenkins,"The Jenkins Checkmarx Plugin prior to version 2022.3.3 is susceptible to a stored cross-site scripting (XSS) vulnerability. This occurs when values retrieved from the Checkmarx service API are not properly escaped before being rendered in HTML reports. If an attacker exploits this vulnerability, they can inject malicious scripts, compromising the security of the Jenkins environment and potentially affecting users who view the reports.",Jenkins,Jenkins Checkmarx Plugin,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-12-12T09:15:00.000Z,0
CVE-2022-25201,https://securityvulnerability.io/vulnerability/CVE-2022-25201,Missing Permission Checks in Jenkins Checkmarx Plugin Exposes User Credentials,"The Checkmarx Plugin for Jenkins has a vulnerability that allows attackers with Overall/Read permissions to exploit insufficient permission checks. This flaw enables unauthorized users to connect to a web server of their choice while utilizing credentials obtained through other means, which may lead to the unauthorized capture of sensitive Jenkins credentials.",Jenkins,Jenkins Checkmarx Plugin,6.5,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-02-15T16:11:34.000Z,0
CVE-2022-25200,https://securityvulnerability.io/vulnerability/CVE-2022-25200,Cross-Site Request Forgery in Jenkins Checkmarx Plugin,"A cross-site request forgery vulnerability exists in the Jenkins Checkmarx Plugin version 2022.1.2 and prior. This flaw enables attackers to forge requests that can connect to a malicious web server using credentials obtained through other means. If exploited, this could result in unauthorized access to sensitive stored credentials, posing a significant risk to users of the Jenkins platform.",Jenkins,Jenkins Checkmarx Plugin,8.8,HIGH,0.0008800000068731606,false,,false,false,false,,,false,false,,2022-02-15T16:11:33.000Z,0