CVE-2018-1999036
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-1999036
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1999036.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-1999036
- Aliases
- Published
- 2018-08-01T13:29:00Z
- Modified
- 2025-01-14T07:27:25.199199Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An exposure of sensitive information vulnerability exists in Jenkins SSH Agent Plugin 1.15 and earlier in SSHAgentStepExecution.java that exposes the SSH private key password to users with permission to read the build log.
- References
Affected packages
Git / github.com/jenkinsci/ssh-agent-plugin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jenkinsci/ssh-agent-plugin
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
ssh-agent-0.*
ssh-agent-0.1
ssh-agent-1.*
ssh-agent-1.0
ssh-agent-1.1
ssh-agent-1.10
ssh-agent-1.11
ssh-agent-1.12
ssh-agent-1.13
ssh-agent-1.14
ssh-agent-1.15
ssh-agent-1.2
ssh-agent-1.3
ssh-agent-1.4
ssh-agent-1.4.1
ssh-agent-1.4.2
ssh-agent-1.5
ssh-agent-1.6
ssh-agent-1.7
ssh-agent-1.8
ssh-agent-1.9