cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-36921,https://securityvulnerability.io/vulnerability/CVE-2022-36921,Jenkins Coverity Plugin Vulnerability Exposes User Credentials,"A vulnerability in the Jenkins Coverity Plugin permits attackers with Overall/Read permissions to connect to unauthorized URLs using compromised credential IDs. This flaw potentially leads to unauthorized access and exposure of sensitive credentials stored in Jenkins, as attackers can manipulate the connection parameters to retrieve confidential information without appropriate authorization.",Jenkins,Jenkins Coverity Plugin,8.1,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2022-07-27T14:29:16.000Z,0
CVE-2022-36920,https://securityvulnerability.io/vulnerability/CVE-2022-36920,Cross-Site Request Forgery Vulnerability in Jenkins Coverity Plugin,"The vulnerability allows an attacker to exploit the Jenkins Coverity Plugin, specifically versions 1.11.4 and earlier, to initiate unauthorized requests to an attacker-specified URL. By leveraging user credentials stored in Jenkins, an attacker can manipulate the system into connecting to malicious sites, thereby capturing sensitive information such as user credentials. This makes it crucial for users to upgrade to a secure version of the plugin and implement appropriate security measures to prevent exploitation.",Jenkins,Jenkins Coverity Plugin,8.8,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2022-07-27T14:29:01.000Z,0
CVE-2022-36919,https://securityvulnerability.io/vulnerability/CVE-2022-36919,Unauthorized Credential Enumeration in Jenkins Coverity Plugin,"A missing permission check in the Jenkins Coverity Plugin (versions 1.11.4 and earlier) can be exploited by attackers with Overall/Read permissions. This flaw allows them to enumerate the IDs of stored credentials within Jenkins, potentially leading to unauthorized access and data leaks. Organizations utilizing this plugin should assess their security posture and apply the necessary updates to mitigate this vulnerability.",Jenkins,Jenkins Coverity Plugin,4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-07-27T14:28:45.000Z,0