CVE-2018-1999028
- Source
- https://cve.org/CVERecord?id=CVE-2018-1999028
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1999028.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-1999028
- Aliases
- Published
- 2018-08-01T13:29:00.513Z
- Modified
- 2025-11-20T10:48:28.182327Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An exposure of sensitive information vulnerability exists in Jenkins Accurev Plugin 0.7.16 and earlier in AccurevSCM.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins.
- References
Affected packages
Git / github.com/jenkinsci/accurev-plugin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jenkinsci/accurev-plugin
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
accurev-0.*
accurev-0.6.13
accurev-0.6.14
accurev-0.6.15
accurev-0.6.16
accurev-0.6.17
accurev-0.6.18
accurev-0.6.19
accurev-0.6.20
accurev-0.6.21
accurev-0.6.22
accurev-0.6.23
accurev-0.6.24
accurev-0.6.25
accurev-0.6.26
accurev-0.6.27
accurev-0.6.28
accurev-0.6.29
accurev-0.6.30
accurev-0.6.31
accurev-0.6.32
accurev-0.6.33
accurev-0.6.34
accurev-0.6.35
accurev-0.7.0
accurev-0.7.1
accurev-0.7.10
accurev-0.7.11
accurev-0.7.13
accurev-0.7.14
accurev-0.7.15
accurev-0.7.16
accurev-0.7.2
accurev-0.7.3
accurev-0.7.4
accurev-0.7.5
accurev-0.7.6
accurev-0.7.7
accurev-0.7.8
accurev-0.7.9