Description
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them
Remediation
References
https://jenkins.io/security/advisory/2018-03-26/#SECURITY-536
Related Vulnerabilities
CVE-2019-1003081 Vulnerability in maven package org.jenkins-ci.plugins:openshift-deployer
CVE-2015-1796 Vulnerability in maven package org.opensaml:opensaml
CVE-2011-0533 Vulnerability in maven package org.apache.archiva:archiva
CVE-2019-10316 Vulnerability in maven package org.jenkins-ci.plugins:aqua-microscanner
CVE-2023-46243 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore