Description
A vulnerability in Jenkins PRQA Plugin 3.1.0 and earlier allows attackers with local file system access to the Jenkins home directory to obtain the unencrypted password from the plugin configuration.
Remediation
References
http://www.openwall.com/lists/oss-security/2019/03/28/2
http://www.securityfocus.com/bid/107628
https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1089
Related Vulnerabilities
CVE-2019-15953 Vulnerability in npm package total.js
CVE-2022-42003 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2020-7693 Vulnerability in npm package sockjs
CVE-2019-14863 Vulnerability in maven package org.webjars.bower:angular
CVE-2020-7676 Vulnerability in maven package org.webjars.npm:angular