VYPR
← All advisories
Moderate severityNVD Advisory· Published May 8, 2014· Updated May 6, 2026

CVE-2013-6372

CVE-2013-6372

Description

The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.jenkins-ci.plugins:subversionMaven
< 1.541.54

Affected products

55
  • Jenkins Project/Subversion Plugin54 versions
    cpe:2.3:a:jenkins-ci:subversion-plugin:*:*:*:*:*:*:*:*+ 53 more
    • cpe:2.3:a:jenkins-ci:subversion-plugin:*:*:*:*:*:*:*:*range: <=1.53
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.12:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.13:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.14:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.15:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.16:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.17:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.18:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.19:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.20:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.21:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.22:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.23:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.24:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.25:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.26:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.27:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.28:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.29:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.30:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.31:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.32:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.33:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.34:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.35:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.36:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.37:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.38:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.39:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.40:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.41:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.42:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.43:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.44:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.45:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.46:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.47:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.48:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.49:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.50:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.51:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.52:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:jenkins-ci:subversion-plugin:1.9:*:*:*:*:*:*:*
  • ghsa-coords
    pkg:maven/org.jenkins-ci.plugins/subversion
    Range: < 1.54

Patches

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

7

News mentions

0

No linked articles in our index yet.