A exposure of sensitive information vulnerability exists in Jenkins Configuration as Code Plugin 0.7-alpha and previous versions in ConfigurationAsCode.java that allows attackers with Overall/Read access to obtain the YAML export of the Jenkins configuration.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins configuration as code 0.2 |
||
jenkins configuration as code 0.3 |
||
jenkins configuration as code 0.4 |
||
jenkins configuration as code 0.5 |
||
jenkins configuration as code 0.7 |
||
jenkins configuration as code 0.1 |
||
jenkins configuration as code 0.6 |