CVE-2019-10415
CVE-2019-10415 affects Jenkins Violation Comments to GitLab Plugin, version 2.28 and earlier. The root issue is that API tokens/credentials were stored unencrypted in the plugin’s global configuration file on the Jenkins master, enabling viewing by users with access to the master filesystem. Impa...