CVE-2020-2312
CVE-2020-2312 concerns Jenkins SQLPlus Script Runner Plugin (versions 2.0.12 and earlier). The issue arises because the plugin prints the sqlplus command invocation to build logs without masking the password provided as a command line argument, enabling users with Item/Read permission to view the...