Lucene search

Jenkins SSH Agent Plugin exposes SSH private key password to users with permission to read the build log

🗓️ 13 May 2022 01:55:50Reported by GitHub Advisory DatabaseType

Jenkins SSH Agent Plugin vulnerability exposing SSH private key passwor

Reporter	Title	Published	Views	Family All 6
Cvelist	CVE-2018-1999036	1 Aug 201813:00	–	cvelist
Prion	Information disclosure	1 Aug 201813:29	–	prion
OSV	CVE-2018-1999036	1 Aug 201813:29	–	osv
OSV	Jenkins SSH Agent Plugin exposes SSH private key password to users with permission to read the build log	13 May 202201:50	–	osv
CVE	CVE-2018-1999036	1 Aug 201813:29	–	cve
NVD	CVE-2018-1999036	1 Aug 201813:29	–	nvd

Vulners

Node

org.jenkins\-ci.plugins ssh\-agentRange≤1.15

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2018-1999036
jenkins	www.jenkins.io/security/advisory/2018-07-30/
github	www.github.com/jenkinsci/ssh-agent-plugin/commit/3a8abe1889d25f9a73cdba202cf27212b273de4d
github	www.github.com/advisories/GHSA-wwgx-94v6-fc2p

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 May 2022 01:50Current

1.7Low risk

Vulners AI Score1.7

CVSS24

CVSS36.5

EPSS0.00065

CWE-532