2 matches found
CVE-2018-1000196
A exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlabnotifier.rb, views/gitlabnotifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser e.g. malicious...
CVE-2018-1000196
CVE-2018-1000196 affects CloudBees/Jenkins Gitlab Hook Plugin 1.4.2 and older, where the files gitlab_notifier.rb and views/gitlab_notifier/global.erb expose the configured GitLab token. The vulnerability allows attackers who can access the Jenkins master filesystem or a compromised Jenkins admin...