Количество 2
Количество 2
CVE-2018-1000196
A exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the configured Gitlab token.
GHSA-7p4p-v6hr-gp3m
Jenkins Gitlab Hook Plugin stores and displays GitLab API token in plain text
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-1000196 A exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the configured Gitlab token. | CVSS3: 6.5 | 0% Низкий | больше 7 лет назад |
| GHSA-7p4p-v6hr-gp3m Jenkins Gitlab Hook Plugin stores and displays GitLab API token in plain text | CVSS3: 6.5 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу