Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Veracode Security Vulnerabilities

cve
cve

CVE-2023-25722

A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users (with OS-level access of the Jenkins remote) to...

5.5CVSS

5.4AI Score

0.0004EPSS

2023-03-28 08:15 PM
34
cve
cve

CVE-2023-25721

Veracode Scan Jenkins Plugin before 23.3.19.0, when the "Connect using proxy" option is enabled and configured with proxy credentials and when the Jenkins global system setting debug is enabled and when a scan is configured for remote agent jobs, allows users (with access to view the job log) to...

6.5CVSS

6.4AI Score

0.001EPSS

2023-03-28 08:15 PM
21
cve
cve

CVE-2019-1003070

Jenkins veracode-scanner Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file...

8.8CVSS

8.6AI Score

0.003EPSS

2019-04-04 04:29 PM
32