Lucene search
Redhat.comRH:CVE-2018-1000410HistoryJan 30, 2019 - 1:19 a.m.
CVE-2018-1000410
2019-01-3001:19:52
redhat.com
access.redhat.com
10
0.0004 Low
EPSS
Percentile
12.6%
An information exposure vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier, and the Stapler framework used by these releases, in core/src/main/java/org/kohsuke/stapler/RequestImpl.java, core/src/main/java/hudson/model/Descriptor.java that allows attackers with Overall/Administer permission or access to the local file system to obtain credentials entered by users if the form submission could not be successfully processed.
Related
osv
osv
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
2022-05-14 01:04:36
CVE-2018-1000410
2019-01-09 23:29:02
prion
prion
Information disclosure
2019-01-09 23:29:00
cve
cve
CVE-2018-1000410
2019-01-09 23:29:02
veracode
veracode
Information Disclosure
2019-05-16 02:16:48
nvd
nvd
CVE-2018-1000410
2019-01-09 23:29:02
github
github
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
2022-05-14 01:04:36
cvelist
cvelist
CVE-2018-1000410
2019-01-09 23:00:00
openvas
openvas
Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities - Linux
2018-12-11 00:00:00
Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities - Windows
2018-12-11 00:00:00
nessus
nessus
Jenkins < 2.138.2 (LTS) / 2.146 Multiple Vulnerabilities
2018-10-16 00:00:00