vulnerability
Jenkins Advisory 2018-10-10:
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:S/C:N/I:N/A:C) | Jan 21, 2019 | Jan 21, 2019 | Feb 19, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:C)
Published
Jan 21, 2019
Added
Jan 21, 2019
Modified
Feb 19, 2025
Description
When Jenkins fails to process form submissions due to an internal error, the error message shown to the user and written to the log typically includes the serialized JSON form submission. Secrets, such as submitted passwords, might be included with the JSON object, and shown or written to disk in plain text.
Solutions
jenkins-lts-upgrade-2_138_2jenkins-upgrade-2_146
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.