Description
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them
Remediation
References
https://jenkins.io/security/advisory/2018-03-26/#SECURITY-536
Related Vulnerabilities
CVE-2013-6372 Vulnerability in maven package org.jenkins-ci.plugins:subversion
CVE-2023-35142 Vulnerability in maven package com.checkmarx.jenkins:checkmarx
CVE-2023-26473 Vulnerability in maven package org.xwiki.platform:xwiki-platform-query-manager
CVE-2022-34800 Vulnerability in maven package tools.devnull:build-notifications
CVE-2020-4076 Vulnerability in maven package org.webjars.npm:electron