Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.The Jenkins Credentials Binding Plugin is vulnerable to an input validation error that stems from the plugin’s failure to perform a permission check in the method that implements form validation, which could be exploited by an attacker with overall/read access vulnerability to verify that the credential ID refers to secret file credentials and that it is a zip file.
CPE | Name | Operator | Version |
---|---|---|---|
jenkins credentials binding plugin | le | 1.27 |