CVE-2018-1999036
CVE-2018-1999036 affects Jenkins SSH Agent Plugin 1.15 and earlier, where SSHAgentStepExecution.java logs the ssh-add command, exposing the SSH private key password to users who can read the build log. The issue’s root cause is sensitive information disclosure via build-log logging. Remediation i...