Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:23 a.m.8 views

CVE-2022-43430

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7.5CVSS6.8AI score0.00712EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:5 a.m.7 views

CVE-2022-43423

Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin 2.0.12 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins...

5.3CVSS6.8AI score0.00579EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:13 p.m.7 views

CVE-2022-36899

Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties...

8.2CVSS6.8AI score0.0085EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:58 p.m.10 views

CVE-2022-43427

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS6.5AI score0.00457EPSS
Exploits0References1
Prion
Prion
added 2022/10/19 4:15 p.m.30 views

Design/Logic Flaw

Jenkins Compuware Xpediter Code Coverage Plugin 1.0.7 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process...

5CVSS5.2AI score0.00647EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/19 12:0 a.m.4 views

CVE-2022-43430

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7.5AI score0.00712EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/10/19 12:0 a.m.5 views

PT-2022-26912 · Compuware +1 · Jenkins Compuware Topaz For Total Test Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Compuware Topaz for Total Test Plugin versions 2.4.8 and earlier Description: The issue allows attackers who can control agent processes to obtain the values of Java system properties from the Jenkins controller process due to an...

7.5CVSS5.3AI score0.00647EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2022/10/19 12:0 a.m.7 views

CVE-2022-43424

Jenkins Compuware Xpediter Code Coverage Plugin 1.0.7 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process...

6.7AI score0.00647EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/10/19 12:0 a.m.7 views

CVE-2022-43428

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process...

5.2AI score0.00647EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/09/21 3:45 p.m.6 views

CVE-2022-41226

Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

9.5AI score0.00787EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/08/10 12:0 a.m.7 views

The vulnerability of the Jenkins Compuware Xpediter Code Coverage Plugin, related to deficiencies in authentication procedures, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Jenkins Compuware Xpediter Code Coverage Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.5AI score0.00569EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2022/07/27 3:15 p.m.19 views

Code injection

Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties...

6.4CVSS8.1AI score0.0085EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder