cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-43424,https://securityvulnerability.io/vulnerability/CVE-2022-43424,Code Coverage Plugin for Jenkins Exposes Java System Properties,"The Compuware Xpediter Code Coverage Plugin for Jenkins versions 1.0.7 and earlier contains a flaw in its agent/controller message handling. This vulnerability allows attackers who have control over agent processes to execute commands without restriction. Consequently, these attackers can gather sensitive Java system property values from the Jenkins controller process, potentially leading to unauthorized access and information leakage.",Jenkins,Jenkins Compuware Xpediter Code Coverage Plugin,5.3,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2022-10-19T00:00:00.000Z,0
CVE-2022-36897,https://securityvulnerability.io/vulnerability/CVE-2022-36897,Missing Permission Check in Jenkins Compuware Xpediter Code Coverage Plugin,"The Compuware Xpediter Code Coverage Plugin for Jenkins has a critical oversight where a missing permission check allows users with Overall/Read permission to enumerate detailed configurations. This vulnerability could lead to the exposure of sensitive information, including the hosts and ports of Compuware configurations, as well as the credentials IDs stored within Jenkins, posing a significant risk to the security of sensitive data.",Jenkins,Jenkins Compuware Xpediter Code Coverage Plugin,4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-07-27T14:24:12.000Z,0