Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
Jenkins project

jenkins_checkmarx

6 Versions 4 CVEs

Versions

next of 2022.1.2

OTHER 2 CVEs

2022.1.2

SEMANTIC 2 CVEs

2022.3.3

SEMANTIC 1 CVE

unspecified

OTHER 3 CVEs

2022.4.3

SEMANTIC 1 CVE

0

SINGLE_NUMBER 1 CVE

Recent CVEs

CVE-2023-35142

Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default.

UNKNOWN Jun 14, 2023

CVE-2022-46684

Jenkins Checkmarx Plugin 2022.3.3 and earlier does not escape values returned from the Checkmarx service API before inserting them into HTML reports, resulting in a stored cross-site scripting (XSS) vulnerability.

UNKNOWN Dec 07, 2022

CVE-2022-25201

Missing permission checks in Jenkins Checkmarx Plugin 2022.1.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

UNKNOWN Feb 15, 2022

CVE-2022-25200

A cross-site request forgery (CSRF) vulnerability in Jenkins Checkmarx Plugin 2022.1.2 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

UNKNOWN Feb 15, 2022