3 matches found
CVE-2019-10467
Jenkins Sonar Gerrit Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-10467
The CVE-2019-10467 issue affects the Jenkins Sonar Gerrit Plugin, where credentials are stored unencrypted in job config.xml files on the Jenkins master. This exposes sensitive information to users with Extended Read permission or anyone with access to the master filesystem. The publicly document...
CVE-2019-10467
Jenkins Sonar Gerrit Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...