GHSA-jrhw-r343-pjwj
Suggest an improvement- Source
- https://github.com/advisories/GHSA-jrhw-r343-pjwj
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-jrhw-r343-pjwj/GHSA-jrhw-r343-pjwj.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-jrhw-r343-pjwj
- Aliases
-
- CVE-2018-1000147
- Published
- 2022-05-14T03:23:45Z
- Modified
- 2024-02-16T07:45:14.075123Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- Jenkins Perforce Plugin exposure of sensitive information vulnerability exists
- Details
-
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them
- Database specific
{ "nvd_published_at": "2018-04-05T13:29:00Z", "cwe_ids": [ "CWE-200" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-01-09T21:03:18Z" }- References
Affected packages
Maven / org.jvnet.hudson.plugins:perforce
Package
- Name
- org.jvnet.hudson.plugins:perforce
- View open source insights on deps.dev
- Purl
- pkg:maven/org.jvnet.hudson.plugins/perforce
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedLast affected1.3.36
Affected versions
1.*
1.0.7
1.0.8
1.0.9
1.0.13
1.0.14
1.0.15
1.0.16
1.0.17
1.0.18
1.0.19
1.0.20
1.0.21
1.0.22
1.0.23
1.0.24
1.0.25
1.0.26
1.0.27
1.0.28
1.0.29
1.1.0
1.1.1
1.1.2
1.1.3
1.1.4
1.1.5
1.1.6
1.1.7
1.1.8
1.1.9
1.1.10
1.1.11
1.1.12
1.1.13
1.1.14
1.2.0
1.2.1
1.2.2
1.2.3
1.2.4
1.2.5
1.2.6
1.2.7
1.2.8
1.2.9
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.3.5
1.3.6
1.3.7
1.3.8
1.3.9
1.3.10
1.3.11
1.3.12
1.3.13
1.3.14
1.3.15
1.3.16
1.3.17
1.3.18
1.3.19
1.3.20
1.3.21
1.3.22
1.3.23
1.3.24
1.3.25
1.3.26
1.3.27
1.3.29
1.3.31
1.3.33
1.3.34
1.3.35
1.3.36