2 matches found
CVE-2018-1000190
A exposure of sensitive information vulnerability exists in Jenkins Black Duck Hub Plugin 4.0.0 and older in PostBuildScanDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method...
CVE-2018-1000190
CVE-2018-1000190 affects Jenkins Black Duck Hub Plugin 4.0.0 and older. The issue resides in PostBuildScanDescriptor.java and permits an attacker with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained via another method, thereby capturin...