Medium severity5.4NVD Advisory· Published Aug 1, 2018· Updated Jun 17, 2026
CVE-2018-1999030
CVE-2018-1999030
Description
An exposure of sensitive information vulnerability exists in Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin 1.3.1 and earlier in ArtifactoryChoiceListProvider.java, NexusChoiceListProvider.java, Nexus3ChoiceListProvider.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:maven-artifact-choicelistproviderMaven | < 1.3.2 | 1.3.2 |
Affected products
1Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-fjh2-qhfh-rvfcghsaADVISORY
- jenkins.io/security/advisory/2018-07-30/nvdVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2018-1999030ghsaADVISORY
- github.com/jenkinsci/maven-artifact-choicelistprovider-plugin/commit/2d2e20cc00a29abf435afcad12cfc9ddadf76d89ghsaWEB
- github.com/jenkinsci/maven-artifact-choicelistprovider-plugin/commit/5a3a3ff1e7416623c531601620305640ef4c8e28ghsaWEB
- github.com/jenkinsci/maven-artifact-choicelistprovider-plugin/commit/99d97c028fbc0672b729d052d4bfc4dfa9674f23ghsaWEB
News mentions
0No linked articles in our index yet.