org.jenkins-ci.plugins:maven-artifact-choicelistprovider (>=1.0.3 <=371.ve708f79022db_) potentially affected by CVE-2025-64133 via jp.ikedam.jenkins.plugins:extensible-choice-parameter (>=1.3.3 <=250.va_1cf60782b_1a_)

jp.ikedam.jenkins.plugins:extensible-choice-parameter MAVEN version =1.3.3, =1.0.3, =371.ve708f79022db Source cves: CVE-2025-64133 Source advisory: SNYK:JAVA-JPIKEDAMJENKINSPLUGINS-13775577...

Improper Access Control

maven-artifact-choicelistprovider is vulnerable to Improper Access Control. The vulnerability exists because the library does not set the appropriate context for credentials lookup, which allows an attacker with Item or Configure permission to access and capture credentials they are not entitled ...

Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin vulnerable to exposure of system-scoped credentials

Jenkins Maven Artifact ChoiceListProvider Nexus Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing the use of System-scoped credentials otherwise reserved for the global configuration. This allows attackers with Item/Configure permission to access and...

GHSA-97MG-9JHF-R7RM Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin vulnerable to exposure of system-scoped credentials

Jenkins Maven Artifact ChoiceListProvider Nexus Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing the use of System-scoped credentials otherwise reserved for the global configuration. This allows attackers with Item/Configure permission to access and...

CVE-2023-40347

Jenkins Maven Artifact ChoiceListProvider Nexus Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to...

Design/Logic Flaw

Jenkins Maven Artifact ChoiceListProvider Nexus Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to...

CVE-2023-40347

Jenkins Maven Artifact ChoiceListProvider Nexus Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to...

CVE-2023-40347

The CVE-2023-40347 entry concerns the Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin, affected in versions 1.14 and earlier. The root cause is that the plugin does not set the appropriate context for credentials lookup, enabling attackers with Item/Configure permission to access and cap...

CVE-2023-40347

Jenkins Maven Artifact ChoiceListProvider Nexus Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to...

PT-2023-5742 · Jenkins · Jenkins Maven Artifact Choicelistprovider (Nexus) Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Maven Artifact ChoiceListProvider Nexus Plugin versions 1.14 and earlier Description: The issue is related to insufficient protection of registration data, allowing attackers with Item/Configure permission to access and capture...

Jenkins Plugin Maven Artifact ChoiceListProvider 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin CSRF vulnerability and missing permission checks

An exposure of sensitive information vulnerability exists in Jenkins Maven Artifact ChoiceListProvider Nexus Plugin 1.3.1 and earlier in ArtifactoryChoiceListProvider.java, NexusChoiceListProvider.java, Nexus3ChoiceListProvider.java that allows attackers to capture credentials with a known...

GHSA-FJH2-QHFH-RVFC Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin CSRF vulnerability and missing permission checks

An exposure of sensitive information vulnerability exists in Jenkins Maven Artifact ChoiceListProvider Nexus Plugin 1.3.1 and earlier in ArtifactoryChoiceListProvider.java, NexusChoiceListProvider.java, Nexus3ChoiceListProvider.java that allows attackers to capture credentials with a known...

CVE-2018-1999030

An exposure of sensitive information vulnerability exists in Jenkins Maven Artifact ChoiceListProvider Nexus Plugin 1.3.1 and earlier in ArtifactoryChoiceListProvider.java, NexusChoiceListProvider.java, Nexus3ChoiceListProvider.java that allows attackers to capture credentials with a known...

CVE-2018-1999030

Summary: CVE-2018-1999030 describes an information disclosure in the Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin (

CVE-2018-1999030

An exposure of sensitive information vulnerability exists in Jenkins Maven Artifact ChoiceListProvider Nexus Plugin 1.3.1 and earlier in ArtifactoryChoiceListProvider.java, NexusChoiceListProvider.java, Nexus3ChoiceListProvider.java that allows attackers to capture credentials with a known...