3 matches found
CVE-2019-10362
Jenkins Configuration as Code Plugin 1.24 and earlier did not escape values resulting in variable interpolation during configuration import when exporting, allowing attackers with permission to change Jenkins system configuration to obtain the values of environment variables...
CVE-2019-10362
Jenkins Configuration as Code Plugin 1.24 and earlier did not escape values resulting in variable interpolation during configuration import when exporting, allowing attackers with permission to change Jenkins system configuration to obtain the values of environment variables...
CVE-2019-10362
CVE-2019-10362 relates to the Jenkins Configuration as Code Plugin (versions ≤ 1.24). The issue arises because values were not escaped, enabling variable interpolation during configuration export/import. As a result, users with permission to modify Jenkins system configuration could obtain the va...