Lucene search
GoogleOSV:GHSA-2PP9-R4RV-6P6JHistoryMay 14, 2022 - 1:05 a.m.
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
2022-05-1401:05:26
Google
osv.dev
14
jenkins
sensitive information
unauthorized actor
vulnerability
plugin
EPSS
0.001
Percentile
22.0%
A exposure of sensitive information vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in Plugin.java that allows attackers to determine the date and time when a plugin HPI/JPI file was last extracted, which typically is the date of the most recent installation/upgrade.
Related
nvd
nvd
CVE-2018-1999006
2018-07-23 19:29:00
cvelist
cvelist
CVE-2018-1999006
2022-10-03 16:22:22
redhatcve
redhatcve
CVE-2018-1999006
2018-07-30 03:49:29
cve
cve
CVE-2018-1999006
2022-10-03 16:22:22
github
github
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
2022-05-14 01:05:26
prion
prion
Information disclosure
2018-07-23 19:29:00
osv
osv
CVE-2018-1999006
2018-07-23 19:29:00
archlinux
archlinux
[ASA-201807-14] jenkins: multiple issues
2018-07-21 00:00:00
nessus
nessus
Jenkins < 2.121.2 / 2.133 Multiple Vulnerabilities
2018-08-09 00:00:00
freebsd
freebsd
jenkins -- multiple vulnerabilities
2018-07-18 00:00:00
openvas
openvas
Jenkins < 2.133 and < 2.121.2 LTS Multiple Vulnerabilities - Linux
2018-07-24 00:00:00
Jenkins < 2.133 and < 2.121.2 LTS Multiple Vulnerabilities - Windows
2018-07-24 00:00:00