2 matches found
CVE-2019-10339
A missing permission check in Jenkins JX Resources Plugin 1.0.36 and earlier in GlobalPluginConfigurationdoValidateClient allowed users with Overall/Read access to have Jenkins connect to an attacker-specified Kubernetes server, potentially leaking credentials...
CVE-2019-10339
The CVE-2019-10339 issue affects Jenkins JX Resources Plugin (versions ≤1.0.36). A missing permission check in GlobalPluginConfiguration#doValidateClient allowed users with Overall/Read to connect to an attacker-specified Kubernetes server, potentially leaking credentials and exposing environment...