Search
Find a vulnerability
Search criteria
2 vulnerabilities found for Jenkins PRQA Plugin by Jenkins project
CVE-2019-1003048 (GCVE-0-2019-1003048)
Vulnerability from nvd – Published: 2019-03-28 17:59 – Updated: 2024-08-05 03:07
VLAI
EPSS
VEX
Summary
A vulnerability in Jenkins PRQA Plugin 3.1.0 and earlier allows attackers with local file system access to the Jenkins home directory to obtain the unencrypted password from the plugin configuration.
Severity
No CVSS data available.
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2019/03/28/2 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/107628 | vdb-entryx_refsource_BID |
| https://jenkins.io/security/advisory/2019-03-25/#… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Jenkins project | Jenkins PRQA Plugin |
Affected:
3.1.0 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:16.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20190328 Re: Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/03/28/2"
},
{
"name": "107628",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107628"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1089"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins PRQA Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "3.1.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Jenkins PRQA Plugin 3.1.0 and earlier allows attackers with local file system access to the Jenkins home directory to obtain the unencrypted password from the plugin configuration."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:45:26.772Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "[oss-security] 20190328 Re: Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/03/28/2"
},
{
"name": "107628",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107628"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1089"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2019-1003048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins PRQA Plugin",
"version": {
"version_data": [
{
"version_value": "3.1.0 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Jenkins PRQA Plugin 3.1.0 and earlier allows attackers with local file system access to the Jenkins home directory to obtain the unencrypted password from the plugin configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-256"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20190328 Re: Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/03/28/2"
},
{
"name": "107628",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107628"
},
{
"name": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1089",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1089"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-1003048",
"datePublished": "2019-03-28T17:59:30.000Z",
"dateReserved": "2019-03-28T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:07:16.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1003048 (GCVE-0-2019-1003048)
Vulnerability from cvelistv5 – Published: 2019-03-28 17:59 – Updated: 2024-08-05 03:07
VLAI
EPSS
VEX
Summary
A vulnerability in Jenkins PRQA Plugin 3.1.0 and earlier allows attackers with local file system access to the Jenkins home directory to obtain the unencrypted password from the plugin configuration.
Severity
No CVSS data available.
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2019/03/28/2 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/107628 | vdb-entryx_refsource_BID |
| https://jenkins.io/security/advisory/2019-03-25/#… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Jenkins project | Jenkins PRQA Plugin |
Affected:
3.1.0 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:16.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20190328 Re: Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/03/28/2"
},
{
"name": "107628",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107628"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1089"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins PRQA Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "3.1.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Jenkins PRQA Plugin 3.1.0 and earlier allows attackers with local file system access to the Jenkins home directory to obtain the unencrypted password from the plugin configuration."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:45:26.772Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "[oss-security] 20190328 Re: Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/03/28/2"
},
{
"name": "107628",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107628"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1089"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2019-1003048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins PRQA Plugin",
"version": {
"version_data": [
{
"version_value": "3.1.0 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Jenkins PRQA Plugin 3.1.0 and earlier allows attackers with local file system access to the Jenkins home directory to obtain the unencrypted password from the plugin configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-256"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20190328 Re: Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/03/28/2"
},
{
"name": "107628",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107628"
},
{
"name": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1089",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1089"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-1003048",
"datePublished": "2019-03-28T17:59:30.000Z",
"dateReserved": "2019-03-28T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:07:16.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}