CVE-2018-1000401
CVE-2018-1000401 affects the Jenkins AWS CodePipeline Plugin up to version 0.36. The issue is an Insufficiently Protected Credentials vulnerability in AWSCodePipelineSCM.java, leading to possible credentials disclosure. Exploitation is described as being via local file access. The advisory notes ...