CVE-2019-10427
Cleartext Transmission of Sensitive Information in maven/org.jenkins-ci.plugins/aqua-microscanner
Identifiers
GHSA-vv4q-2w98-4v8g, CVE-2019-10427
Package Slug
maven/org.jenkins-ci.plugins/aqua-microscanner
Vulnerability
Cleartext Transmission of Sensitive Information
Description
Jenkins Aqua MicroScanner Plugin 1.0.7 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
Affected Versions
All versions up to 1.0.7
Solution
Upgrade to version 1.0.8 or above.
Last Modified
2024-01-31
| source |