Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.jenkins-ci.plugins/p4@1.3.36

Type maven

Namespace org.jenkins-ci.plugins

Name p4

Version 1.3.36

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.4

Latest_non_vulnerable_version 1.4

Affected_by_vulnerabilities

url VCID-6hpx-ma5h-syd1

vulnerability_id VCID-6hpx-ma5h-syd1

summary

Information Exposure
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them.

references

reference_url	https://jenkins.io/security/advisory/2018-03-26/#SECURITY-373
reference_id
reference_type
scores
url	https://jenkins.io/security/advisory/2018-03-26/#SECURITY-373

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2018-1000145
reference_id	CVE-2018-1000145
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2018-1000145

reference_url	https://github.com/advisories/GHSA-cwxx-gwwj-pqjq
reference_id	GHSA-cwxx-gwwj-pqjq
reference_type
scores
url	https://github.com/advisories/GHSA-cwxx-gwwj-pqjq

fixed_packages

url	pkg:maven/org.jenkins-ci.plugins/p4@1.4
purl	pkg:maven/org.jenkins-ci.plugins/p4@1.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.plugins/p4@1.4

aliases CVE-2018-1000145, GHSA-cwxx-gwwj-pqjq

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6hpx-ma5h-syd1

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.plugins/p4@1.3.36

Package Instance