2 matches found
GHSA-XM94-9JW8-P6HW Insertion of Sensitive Information into Externally-Accessible File or Directory in Jenkins Credentials Plugin
Jenkins Credentials Plugin 2.1.18 and earlier allowed users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path, and obtain the certificate content of files containing a PKCS12 certificate...
jenkins-credentials-plugin: Certificate file read vulnerability in Credentials Plugin (SECURITY-1322)
Jenkins Credentials Plugin 2.1.18 and earlier allowed users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path, and obtain the certificate content of files containing a PKCS12 certificate...