CVE-2019-10423
CVE-2019-10423 affects the Jenkins CodeScan Plugin, which stores credentials unencrypted in the plugin’s global configuration file on the Jenkins master/controller. The root cause is unencrypted storage of sensitive data (including credentials and an API key) in com.villagechief.codescan.jenkins....