CVE-2018-1000145

An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them...

EUVD-2022-4427

Malicious code in bioql PyPI...

SUSE CVE-2018-1000145

An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them...

SUSE CVE-2018-1000147

An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them...

hudson.plugins.reviewboard:reviewboard (>=1.0 <=1.0.0), org.hudsonci.plugins:reviewboard (=1.0.2-h-1) potentially affected by CVE-2018-1000147 via org.jvnet.hudson.plugins:perforce (>=1.0.28 <=1.1.14)

org.jvnet.hudson.plugins:perforce MAVEN version =1.0.28, =1.0, =1.0.0 - org.hudsonci.plugins:reviewboard =1.0.2-h-1 Source cves: CVE-2018-1000147 Source advisory: OSV:GHSA-JRHW-R343-PJWJ...

hudson.plugins.reviewboard:reviewboard (>=1.0 <=1.0.0), org.hudsonci.plugins:reviewboard (=1.0.2-h-1) potentially affected by CVE-2018-1000145 via org.jvnet.hudson.plugins:perforce (>=1.0.28 <=1.1.14)

org.jvnet.hudson.plugins:perforce MAVEN version =1.0.28, =1.0, =1.0.0 - org.hudsonci.plugins:reviewboard =1.0.2-h-1 Source cves: CVE-2018-1000145 Source advisory: OSV:GHSA-CWXX-GWWJ-PQJQ...

Jenkins 访问控制错误漏洞

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An Access Control Error...

PT-2021-14698 · Jenkins · Jenkins P4 Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins P4 Plugin versions 1.11.4 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password. The issue is...

PT-2021-14697 · Jenkins · Jenkins P4 Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins P4 Plugin versions 1.11.4 and earlier Description: The issue allows attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password. This is due to a lack of...

CloudBees Jenkins P4 plugin cross-site request forgery vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . P4 Plugin is used in one of the Perforce...

CVE-2020-2141

A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce...

PT-2020-15352 · Jenkins · Jenkins P4 Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins P4 Plugin versions 1.10.10 and earlier Description: A cross-site request forgery issue allows attackers to trigger builds or add labels in Perforce. Recommendations: For Jenkins P4 Plugin versions 1.10.10 and earlier, update to a...

CVE-2018-1000147

An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them...

CVE-2018-1000147

An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them...

Information disclosure

An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them...

CVE-2018-1000145

CVE-2018-1000145 affects the Jenkins Perforce Plugin up to version 1.3.36 and older. The issue is in PerforcePasswordEncryptor.java, where an attacker with local file system access can obtain encrypted Perforce passwords and decrypt them. The connected documents corroborate that this is a sensiti...

CVE-2018-1000145

An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them...

CVE-2018-1000147

Jenkins Perforce Plugin vulnerability CVE-2018-1000147 affects versions 1.3.36 and earlier, where PerforcePasswordEncryptor.java leaks Perforce passwords configured in jobs to attackers with insufficient permissions. Exploitation details, affected versions, and impact are described in multiple so...