CVE-2019-1003018
CVSS v3.0
4.3 (Medium)
CVSS v2.0
4.3 (Medium)
EPSS
0.08 % (35th)
Affected Products
1
Advisories
2
An exposure of sensitive information vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g. malicious extension) to retrieve the configured client secret.
Weaknesses
- CWE-200
- Exposure of Sensitive Information to an Unauthorized Actor
- CVE Status
- PUBLISHED
- CNA
- Jenkins Project
- Published Date
-
2019-02-06 16:29:00
(5 years ago) - Updated Date
-
2023-10-25 18:16:02
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...