cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-43427,https://securityvulnerability.io/vulnerability/CVE-2022-43427,Permission Check Bypass in Jenkins Compuware Topaz for Total Test Plugin,"The Compuware Topaz for Total Test Plugin in Jenkins fails to enforce proper permission checks on several HTTP endpoints. This flaw permits attackers with Overall/Read permission to enumerate stored credential IDs within Jenkins, potentially exposing sensitive information. Administrators should apply the necessary updates to mitigate the risk and enhance security measures.",Jenkins,Jenkins Compuware Topaz For Total Test Plugin,4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-10-19T00:00:00.000Z,0
CVE-2022-43428,https://securityvulnerability.io/vulnerability/CVE-2022-43428,Agent/Controller Message Execution Flaw in Jenkins Compuware Topaz for Total Test Plugin,"The Jenkins Compuware Topaz for Total Test Plugin incorporates a vulnerability where an agent/controller message lacks restrictions on its execution context. This imperfection permits attackers with control over agent processes to access sensitive Java system properties from the Jenkins controller process, increasing the risk of unauthorized information disclosure and potential subsequent attacks.",Jenkins,Jenkins Compuware Topaz For Total Test Plugin,5.3,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2022-10-19T00:00:00.000Z,0
CVE-2022-43429,https://securityvulnerability.io/vulnerability/CVE-2022-43429,File Reading Vulnerability in Jenkins Compuware Topaz for Total Test Plugin,"The Jenkins Compuware Topaz for Total Test Plugin prior to version 2.4.9 allows unrestricted execution of agent/controller messages, enabling attackers with control over agent processes to access and read arbitrary files from the Jenkins controller file system. This results in a significant security risk, as sensitive information could be exposed if exploited.",Jenkins,Jenkins Compuware Topaz For Total Test Plugin,7.5,HIGH,0.0013299999991431832,false,,false,false,false,,,false,false,,2022-10-19T00:00:00.000Z,0
CVE-2022-43430,https://securityvulnerability.io/vulnerability/CVE-2022-43430,XML External Entity Vulnerability in Jenkins Compuware Topaz for Total Test Plugin,"The Jenkins Compuware Topaz for Total Test Plugin does not properly configure its XML parser, leaving it open to XML External Entity (XXE) attacks. This vulnerability can enable attackers to exploit the plugin by injecting malicious XML input, potentially leading to unauthorized access to sensitive information or even system compromise. Users are urged to upgrade to the latest version to mitigate risks associated with this vulnerability.",Jenkins,Jenkins Compuware Topaz For Total Test Plugin,7.5,HIGH,0.0013299999991431832,false,,false,false,false,,,false,false,,2022-10-19T00:00:00.000Z,0