1 results (0.002 seconds)
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1000601
https://notcve.org/view.php?id=CVE-2018-1000601
26 Jun 2018 — A arbitrary file read vulnerability exists in Jenkins SSH Credentials Plugin 1.13 and earlier in BasicSSHUserPrivateKey.java that allows attackers with a Jenkins account and the permission to configure credential bindings to read arbitrary files from the Jenkins master file system. Existe una vulnerabilidad de lectura de archivos arbitrarios en el plugin de Jenkins SSH Credentials en versiones 1.13 y anteriores en BasicSSHUserPrivateKey.java que permite a los atacantes con una cuenta en Jenkins y el permiso... • https://jenkins.io/security/advisory/2018-06-25/#SECURITY-440 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •