WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2018-1000145 Vulnerability in maven package org.jvnet.hudson.plugins:perforce

Description

An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them.

Remediation

References

https://jenkins.io/security/advisory/2018-03-26/#SECURITY-373

Related Vulnerabilities

CVE-2023-30548 Vulnerability in npm package gatsby-plugin-sharp

CVE-2018-1322 Vulnerability in maven package org.apache.syncope:syncope-core

CVE-2019-12399 Vulnerability in maven package org.apache.kafka:kafka

CVE-2020-13942 Vulnerability in maven package org.apache.unomi:unomi-persistence-elasticsearch-core

CVE-2016-0706 Vulnerability in maven package org.apache.tomcat:tomcat-catalina

Severity

High

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Vendor Advisory