Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Rqm
(Jenkins)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-06-30 | CVE-2022-34809 | Jenkins RQM Plugin 2.8 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | Rqm | 6.5 | ||
| 2022-06-30 | CVE-2022-34810 | A missing check in Jenkins RQM Plugin 2.8 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | Rqm | 6.5 | ||
| 2022-09-21 | CVE-2022-41241 | Jenkins RQM Plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | Rqm | 9.1 |