Description
An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and earlier in KubernetesCloud.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins.
Remediation
References
https://jenkins.io/security/advisory/2018-07-30/#SECURITY-1016
Related Vulnerabilities
CVE-2023-24455 Vulnerability in maven package io.jenkins.plugins:visualexpert
CVE-2023-33201 Vulnerability in maven package org.bouncycastle:bcprov-debug-jdk14
CVE-2023-29215 Vulnerability in maven package org.apache.linkis:linkis-engineplugin-jdbc
CVE-2017-3159 Vulnerability in maven package org.apache.camel:camel-snakeyaml
CVE-2021-38294 Vulnerability in maven package org.apache.storm:storm-server