CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-43424
https://notcve.org/view.php?id=CVE-2022-43424
19 Oct 2022 — Jenkins Compuware Xpediter Code Coverage Plugin 1.0.7 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process. El plugin de cobertura de código de Jenkins Compuware Xpediter versiones 1.0.7 y anteriores, implementa un mensaje de agente/controlador que no limita dónde puede ser ejecutado, permitiendo a atacantes capaces de controlar los... • http://www.openwall.com/lists/oss-security/2022/10/19/3 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-36897
https://notcve.org/view.php?id=CVE-2022-36897
27 Jul 2022 — A missing permission check in Jenkins Compuware Xpediter Code Coverage Plugin 1.0.7 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins. Una comprobación de permiso faltante en Jenkins Compuware Xpediter Code Coverage Plugin versiones 1.0.7 y anteriores, permite a atacantes con permiso Overall/Read enumerar hosts y puertos de configuraciones de Compuware y credenciales IDs de credenciales alma... • http://www.openwall.com/lists/oss-security/2022/07/27/1 • CWE-862: Missing Authorization •