2 matches found
org.hudsonci.plugins:reviewboard (=1.0.2-h-1) potentially affected by CVE-2018-1000145 via org.jvnet.hudson.plugins:perforce (=1.1.14)
org.jvnet.hudson.plugins:perforce MAVEN version =1.1.14 is affected by a known vulnerability. The following packages have a transitive dependency on org.jvnet.hudson.plugins:perforce and may be impacted: - org.hudsonci.plugins:reviewboard =1.0.2-h-1 Source cves: CVE-2018-1000145 Source advisory:...
CVE-2018-1000145
CVE-2018-1000145 affects the Jenkins Perforce Plugin up to version 1.3.36 and older. The issue is in PerforcePasswordEncryptor.java, where an attacker with local file system access can obtain encrypted Perforce passwords and decrypt them. The connected documents corroborate that this is a sensiti...