CVE-2019-10363

MEDIUM4.9EPSS 0.05%

Cleartext Transmission of Sensitive Information in Jenkins Configuration as Code Plugin

發布日:2022/5/24修改日:2024/2/16

描述

Jenkins Configuration as Code Plugin 1.24 and earlier did not reliably identify sensitive values expected to be exported in their encrypted form.

受影響套件(1)

Maven/io.jenkins:configuration-as-codefrom 0, < 1.25

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	MEDIUM4.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

參考連結(4)