Filtered by vendor Jenkins Subscriptions
Filtered by product Rqm Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-41241 1 Jenkins 1 Rqm 2024-11-21 9.1 Critical
Jenkins RQM Plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2022-34810 1 Jenkins 1 Rqm 2024-11-21 6.5 Medium
A missing check in Jenkins RQM Plugin 2.8 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVE-2022-34809 1 Jenkins 1 Rqm 2024-11-21 6.5 Medium
Jenkins RQM Plugin 2.8 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.