Description
An exposure of sensitive information vulnerability exists in Jenkins meliora-testlab Plugin 1.14 and earlier in TestlabNotifier.java that allows attackers with file system access to the Jenkins master to obtain the API key stored in this plugin's configuration.
Remediation
References
https://jenkins.io/security/advisory/2018-07-30/#SECURITY-847
Related Vulnerabilities
CVE-2011-2093 Vulnerability in maven package com.adobe.blazeds:flex-messaging-common
CVE-2015-7539 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2018-1000068 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2014-3600 Vulnerability in maven package org.apache.activemq:apache-activemq