cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-41241,https://securityvulnerability.io/vulnerability/CVE-2022-41241,XML External Entity Vulnerability in Jenkins RQM Plugin,The RQM Plugin for Jenkins versions up to 2.8 is susceptible to XML External Entity (XXE) attacks due to improper configuration of its XML parser. This vulnerability may lead to unauthorized access to sensitive files or enable malicious entities to perform data manipulation and disclose confidential information. The lack of safeguards against external entities in XML documents poses a significant threat to the security integrity of Jenkins environments utilizing this plugin.,Jenkins,Jenkins Rqm Plugin,9.1,CRITICAL,0.0015200000489130616,false,,false,false,false,,,false,false,,2022-09-21T15:46:00.000Z,0
CVE-2022-34810,https://securityvulnerability.io/vulnerability/CVE-2022-34810,Missing Permission Check in Jenkins RQM Plugin Exposes Credential IDs,"The Jenkins RQM Plugin version 2.8 and earlier contains a vulnerability that allows users with Overall/Read permission to enumerate the IDs of credentials stored within Jenkins. This missing permission check could potentially expose sensitive information to unauthorized users, posing a significant security risk to Jenkins environments. It is crucial for administrators to apply the necessary updates or mitigations to safeguard against any unauthorized access that could exploit this vulnerability.",Jenkins,Jenkins Rqm Plugin,6.5,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-06-30T17:48:59.000Z,0
CVE-2022-34809,https://securityvulnerability.io/vulnerability/CVE-2022-34809,Unencrypted Password Storage in Jenkins RQM Plugin by Jenkins,"The Jenkins RQM Plugin versions 2.8 and earlier are susceptible to a security flaw where passwords are stored unencrypted in the global configuration file of the Jenkins controller. This configuration file is accessible to users with access rights to the Jenkins file system, potentially exposing sensitive information and compromising security. For further details, visit the Jenkins security advisory.",Jenkins,Jenkins Rqm Plugin,6.5,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-06-30T17:48:53.000Z,0