Filtered by vendor Perforce
Subscribe
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-35767 | 1 Perforce | 1 Helix Core | 2024-11-21 | N/A | 7.5 HIGH |
| In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Jason Geffner. | |||||
| CVE-2022-2394 | 1 Perforce | 1 Puppet Bolt | 2024-11-21 | N/A | 4.1 MEDIUM |
| Puppet Bolt prior to version 3.24.0 will print sensitive parameters when planning a run resulting in them potentially being logged when run programmatically, such as via Puppet Enterprise. | |||||
| CVE-2021-28973 | 1 Perforce | 1 Helix Alm | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| The XML Import functionality of the Administration console in Perforce Helix ALM 2020.3.1 Build 22 accepts XML input data that is parsed by insecurely configured software components, leading to XXE attacks. | |||||
| CVE-2018-1000147 | 1 Perforce | 1 Perforce | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them | |||||
| CVE-2013-1410 | 1 Perforce | 1 P4web | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Perforce P4web 2011.1 and 2012.1 has multiple XSS vulnerabilities | |||||