Synopsys Coverity
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Synopsys Coverity.
By the Year
In 2026 there have been 0 vulnerabilities in Synopsys Coverity. Coverity did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 2 | 5.70 |
It may take a day or so for new Coverity vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Synopsys Coverity Security Vulnerabilities
Coverity < 2023.3.2: Forced Browsing via insecure servlet mapping
CVE-2023-1663
5.3 - Medium
- March 29, 2023
Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, which exposes authenticated resources to unauthorized actors. The root cause of this vulnerability is an insecurely configured servlet mapping for the underlying Apache Tomcat server. As a result, the downloads directory and its contents are accessible. 5.9 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C)
forced browsing
Coverity Connect <2022.12.0 Unauth XSS via Subdomain Cookie Attack
CVE-2023-23849
6.1 - Medium
- February 06, 2023
Versions of Coverity Connect prior to 2022.12.0 are vulnerable to an unauthenticated Cross-Site Scripting vulnerability. Any web service hosted on the same sub domain can set a cookie for the whole subdomain which can be used to bypass other mitigations in place for malicious purposes. CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/RL:O/RC:C
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Synopsys Coverity or by Synopsys? Click the Watch button to subscribe.
