Security CVEs
View details of reported vulnerabilites
This page displayes CVEs that are discovered in code or components maintained by Perforce, not 3rd party CVEs (CVEs in components not maintained by Perforce). If you have any questions about this page, please see our Perforce Vulnerability Reporting and Coordinated Disclosure Policy here: Perforce Security & Compliance Policies or contact security@perforce.com
CVEs
CVEsAll
Loading...
Loading...
Hang tight or select a different list view.
Item Number | Resolved In | Action | |||||||
|---|---|---|---|---|---|---|---|---|---|
| JViews | CVE-2015-8965 | Arbitrary Code Execution in Rogue Wave JViews | Critical | 9.8 | 4/6/2017 | Jviews 8.8 patch 21 Jviews 8.9 patch 1 | |||
| Gliffy | CVE-2012-2928 | Arbitrary Code Execution in Gliffy Plugin | Medium | 6.4 | 5/22/2012 | Gliffy Plugin 3.7.1Gliffy Plugin 4.2 | |||
| Klocwork | CVE-2020-2247 | XML External Entity in Klocwork Jenkins Plugin | Medium | 6.5 | 9/25/2020 | Jenkins Klocwork Analysis Plugin 2020.3.1 | |||
| Rebel | CVE-2018-1002201 | Directory Traversal in zt-zip | Medium | 5.5 | 7/25/2018 | zt-zip 1.13 | |||
| Helix QAC | CVE-2019-1003048 | Unencrypted Password in Helix QAC (Jenkins PRQA Plugin) | High | 7.8 | 10/12/2020 | Helix QAC (Jenkins PRQA Plugin) 3.3.0Helix QAC (Jenkins PRQA Plugin) 3.3.1 | |||
| Helix Core | CVE-2021-21655 | Cross-Site Request Forgery (CSRF) in P4 Plugin | High | 7.1 | 5/11/2021 | Jenkins P4 Plugin 1.11.5 | |||
| Helix Core | CVE-2021-21654 | Excessive Permissions in Jenkins P4 Plugin | Medium | 4.3 | 5/11/2021 | Jenkins P4 Plugin 1.10.11 | |||
| Helix Core | CVE-2020-2141 | Cross-Site Request Forgery (CSRF) in P4 Plugin | Medium | 4.3 | 3/9/2020 | Jenkins P4 Plugin 1.10.11 | |||
| Puppet | CVE-2023-5214 | CVE-2023-5214 Privilege Escalation in Puppet Bolt | Medium | 6.5 | 10/6/2023 | Puppet Bolt 3.27.4 | |||
| Puppet | CVE-2023-5255 | CVE-2023-5255 Denial of Service for Revocation of Auto Renewed Certificates | Medium | 4.4 | 10/3/2023 | Puppet Enterprise 2023.4, Puppet Server 8.2.3 | |||
| Puppet | CVE-2009-3564 | CVE-2009-3564 | None | 0.0 | 10/6/2009 | Resolved in Puppet 0.25.2 and 0.24.9 | |||
| Puppet | CVE-2009-3564 | CVE-2010-0156 | None | 0.0 | 3/3/2010 | Resolved in Puppet 0.25.2 and 0.24.9 | |||
| Puppet | Auth-Conf-2010-10 | None | 0.0 | 10/1/2010 | |||||
| Puppet | CVE-2009-3564 | CVE-2011-3848 | None | 0.0 | 10/27/2011 | Resolved in Puppet 0.25.2 and 0.24.9 | |||
| Puppet | CVE-2011-3869 | CVE-2011-3869 | None | 0.0 | 10/27/2011 | Resolved in Puppet 2.6.11 and 2.7.5 | |||
| Puppet | CVE-2011-3870 | CVE-2011-3870 | None | 0.0 | 10/27/2011 | Resolved in Puppet 2.6.11 and 2.7.5 | |||
| Puppet | CVE-2011-3871 | CVE-2011-3871 | None | 0.0 | 10/27/2011 | Resolved in Puppet 2.6.11 and 2.7.5 | |||
| Puppet | CVE-2011-3872 | CVE-2011-3872 | None | 0.0 | 10/27/2011 | Resolved in Puppet 2.6.12 and 2.7.6, Resolved in Puppet Enterprise 1.2.4, Hotfixes available for Puppet Enterprise 1.0 and 1.1, Patched releases for Puppet 0.25.x and 0.24.x available from OS vendors, Hotfixes, http://puppetlabs.com/security/cve/cve-2011-3872/hotfixes, Remediation Toolkit, http://links.puppetlabs.com/cve20113872_remediation, Frequently Asked Questions, http://puppetlabs.com/security/cve/cve-2011-3872/faq | |||
| Puppet | CVE-2012-1054 | CVE-2012-1054 Hotfixes | None | 0.0 | 2/21/2012 | ||||
| Puppet | CVE-2012-1053 | CVE-2012-1053 Hotfixes | None | 0.0 | 2/23/2012 | ||||
| Puppet | CVE-2012-1053 | Local Group Privilege Escalation | None | 0.0 | 2/28/2012 | Resolved in Puppet 2.6.14 (source), 2.7.11 (source), rpm, deb, Resolved in Puppet Enterprise 1.2.5 and 2.0.3, Hotfixes available for Puppet Enterprise 1.0, 1.1, and 1.2.x, http://puppetlabs.com/security/cve/cve-2012-1053/hotfixes/ | |||
| Puppet | CVE-2012-1906 | Arbitrary Code Execution | None | 0.0 | 4/11/2012 | Resolved in Puppet 2.6.15 (, source, ), 2.7.13 (, source, ),, rpm, ,, deb, ,, dmg, Resolved in Puppet Enterprise 1.2.5 and 2.5.1, Hotfixes available for Puppet Enterprise 1.0, 1.1, 1.2.x, and 2.0.x | |||
| Puppet | CVE-2012-1989 | CVE-2012-1989 (Arbitrary File Write Access) | None | 0.0 | 4/11/2012 | Resolved in 2.7.13, rpm, ,, deb, Resolved in Puppet Enterprise 2.5.1, Hotfixes available for Puppet Enterprise 2.0.x, Hotfixes, http://puppetlabs.com/security/cve/cve-2012-1989/hotfixes/ | |||
| Puppet | CVE-2012-1054 | Local User Privilege Escalation | None | 0.0 | 5/29/2012 | Resolved in Puppet 2.6.14 (source), 2.7.11 (source), rpm, deb, Resolved in Puppet Enterprise 1.2.5 and 2.0.3, Hotfixes available for Puppet Enterprise 1.0, 1.1, and 1.2.x, http://puppetlabs.com/security/cve/cve-2012-1054/hotfixes/ | |||
| Puppet | CVE-2012-1986 | Arbitrary File Read Access | None | 0.0 | 5/29/2012 | Resolved in Puppet 2.6.15 (, source, ), 2.7.13 (, source, ),, rpm, ,, deb, Resolved in Puppet Enterprise 1.2.5 and 2.5.1, Hotfixes available for Puppet Enterprise 1.0, 1.1, 1.2.x, and 2.0.x, Hotfixes, http://puppetlabs.com/security/cve/cve-2012-1986/hotfixes/ | |||
| Puppet | CVE-2012-1986 | CVE-2012-1986 Hotfixes | None | 0.0 | 5/29/2012 | Resolved in Puppet 2.6.15 (, source, ), 2.7.13 (, source, ),, rpm, ,, deb, Resolved in Puppet Enterprise 1.2.5 and 2.5.1, Hotfixes available for Puppet Enterprise 1.0, 1.1, 1.2.x, and 2.0.x, Hotfixes, http://puppetlabs.com/security/cve/cve-2012-1986/hotfixes/ | |||
| Puppet | CVE-2012-1987 | Denial of Service | None | 0.0 | 5/29/2012 | Resolved in Puppet 2.6.15 (, source, ), 2.7.13 (, source, ),, rpm, ,, deb, Resolved in Puppet Enterprise 1.2.5 and 2.5.1, Hotfixes available for Puppet Enterprise 1.0, 1.1, 1.2.x, and 2.0.x, Hotfixes | |||
| Puppet | CVE-2012-1988 | CVE-2012-1988 (Arbitrary Code Execution) | None | 0.0 | 5/29/2012 | Resolved in Puppet 2.6.15 (, source, ), 2.7.13 (, source, ),, rpm, ,, deb, Resolved in Puppet Enterprise 1.2.5 and 2.5.1, Hotfixes available for Puppet Enterprise 1.0, 1.1, 1.2.x, and 2.0.x, Hotfixes, http://puppetlabs.com/security/cve/cve-2012-1988/hotfixes/ | |||
| Puppet | CVE-2012-1988 | CVE-2012-1988 Hotfixes | None | 0.0 | 5/29/2012 | Resolved in Puppet 2.6.15 (, source, ), 2.7.13 (, source, ),, rpm, ,, deb, Resolved in Puppet Enterprise 1.2.5 and 2.5.1, Hotfixes available for Puppet Enterprise 1.0, 1.1, 1.2.x, and 2.0.x, Hotfixes, http://puppetlabs.com/security/cve/cve-2012-1988/hotfixes/ | |||
| Puppet | CVE-2012-1989 | CVE-2012-1989 Hotfixes | None | 0.0 | 6/27/2012 | Resolved in 2.7.13, rpm, ,, deb, Resolved in Puppet Enterprise 2.5.1, Hotfixes available for Puppet Enterprise 2.0.x, Hotfixes, http://puppetlabs.com/security/cve/cve-2012-1989/hotfixes/ | |||
| Puppet | CVE-2012-3867 | CVE-2012-3867 (Insufficient input validation) | None | 0.0 | 7/9/2012 | Resolved in Puppet 2.6.17 (, source, ), 2.7.18 (, source, ),, rpm, ,, deb, ,, dmg, ,, windows, Resolved in Puppet Enterprise 1.2.5 and 2.5.2, Hotfixes available for Puppet Enterprise 1.0, 1.1, 1.2.x, and 2.0.x, Hotfixes, http://puppetlabs.com/security/cve/cve-2012-3867/hotfixes/ | |||
| Puppet | CVE-2012-3408 | CVE-2012-3408 (Agent Impersonation) | None | 0.0 | 8/6/2012 | ||||
| Puppet | CVE 2012-3408 | CVE 2012-3408 Hotfixes | None | 0.0 | 8/6/2012 | ||||
| Puppet | CVE-2012-3864 | CVE-2012-3864 (Arbitrary File Read) | None | 0.0 | 8/6/2012 | Resolved in Puppet 2.6.17 (, source, ), 2.7.18 (, source, ),, rpm, ,, deb, ,, dmg, ,, windows, Resolved in Puppet Enterprise 1.2.5 and 2.5.2, Hotfixes available for Puppet Enterprise 1.0, 1.1, 1.2.x, and 2.0.x, Hotfixes, http://puppetlabs.com/security/cve/cve-2012-3864/hotfixes/ | |||
| Puppet | CVE 2012-3866 | CVE 2012-3866 Hotfixes | None | 0.0 | 8/6/2012 | ||||
| Puppet | CVE 2012-3866 | CVE-2012-3866 (last_run_report.yaml is world readable) | None | 0.0 | 8/6/2012 | Resolved in Puppet 2.7.18 (source), rpm, deb, dmg, windows, Resolved in Puppet Enterprise 2.5.2, Hotfixes available for Puppet Enterprise 2.0.x, http://puppetlabs.com/security/cve/cve-2012-3866/hotfixes/ | |||
| Puppet | CVE-2012-3865 | Overview: CVE-2012-3865 (Arbitrary file delete/D.O.S on Puppet Master) | None | 0.0 | 8/6/2012 | Resolved in Puppet 2.6.17 (, source, ), 2.7.18 (, source, ),, rpm, ,, deb, ,, dmg, ,, windows, Resolved in Puppet Enterprise 1.2.5 and 2.5.2, Hotfixes available for Puppet Enterprise 1.0, 1.1, 1.2.x, and 2.0.x, Hotfixes | |||
| Puppet | CVE 2012-3867 | CVE 2012-3867 Hotfixes | Medium | 0.0 | 8/6/2012 | ||||
| Puppet | CVE 2012-3864 | CVE 2012-3864 Hotfixes | Medium | 0.0 | 8/9/2012 | ||||
| Puppet | CVE-2012-5664 | CVE-2012-5664 (ActiveRecord SQL Injection Vulnerability) | None | 0.0 | 12/26/2012 | Hotfixes available for Puppet Enterprise 1.2.5 and 2.7.0, Hotfixes, http://puppetlabs.com/security/cve/cve-2012-5664/hotfixes/ | |||
| Puppet | CVE 2012-5664 | CVE 2012-5664 Hotfixes | None | 0.0 | 12/26/2012 | ||||
| Puppet | CVE-2013-0269 | CVE-2013-0269 Hotfixes | Medium | 0.0 | 1/12/2013 | ||||
| Puppet | CVE-2013-0156 | CVE-2013-0156 (ActionPack SQL Injection Vulnerability) | None | 0.0 | 1/13/2013 | Hotfixes available for Puppet Enterprise 1.2.5 and 2.7.0, Hotfixes, http://puppetlabs.com/security/cve/cve-2013-0156/hotfixes/ | |||
| Puppet | CVE 2013-0156 | CVE 2013-0156 Hotfixes | None | 0.0 | 1/13/2013 | ||||
| Puppet | CVE-2013-0155 | CVE-2013-0155 Hotfixes | Medium | 0.0 | 1/13/2013 | Hotfixes available for Puppet Enterprise 1.2.5 and 2.7.0, Hotfixes, http://puppetlabs.com/security/cve/cve-2013-0155/hotfixes/ | |||
| Puppet | CVE-2013-0155 | CVE-2013-0155 (ActiveRecord Unsafe Query Generation Risk) | None | 0.0 | 1/15/2013 | Hotfixes available for Puppet Enterprise 1.2.5 and 2.7.0, Hotfixes, http://puppetlabs.com/security/cve/cve-2013-0155/hotfixes/ | |||
| Puppet | CVE-2013-0333 | CVE-2013-0333 Hotfixes | Medium | 0.0 | 1/28/2013 | ||||
| Puppet | CVE-2013-0333 | CVE-2013-0333 (Rails JSON Parser Vulnerability) | None | 0.0 | 1/30/2013 | Hotfixes available for Puppet Enterprise 1.2.5 and 2.7.0, http://puppetlabs.com/security/cve/cve-2013-0333/hotfixes/ | |||
| Puppet | CVE-2013-0169 | CVE-2013-0169 Hotfixes | None | 0.0 | 2/3/2013 | ||||
| Puppet | CVE-2013-1398 | CVE-2013-1398 (MCO Private Key Leak) | None | 0.0 | 2/6/2013 | Resolved in Puppet Enterprise 2.7.1 |
