CVE-2022-20620
maven/org.jenkins-ci.plugins/ssh-agent
Exposure of Resource to Wrong Sphere
Missing permission checks in Jenkins SSH Agent Plugin allows attackers with Overall/Read
access to enumerate credentials IDs of credentials stored in Jenkins.
All versions up to 1.23
Unfortunately, there is no solution available yet.
2022-01-19
source |