CVE-2018-1000196
CVSS v3.0
6.5 (Medium)
CVSS v2.0
4 (Medium)
EPSS
0.06 % (27th)
Affected Products
1
Advisories
2
A exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the configured Gitlab token.
Weaknesses
- CWE-200
- Exposure of Sensitive Information to an Unauthorized Actor
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2018-06-05 21:29:00
(6 years ago) - Updated Date
-
2018-07-18 19:43:45
(6 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...