Exposure of Resource to Wrong Sphere
Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it.
Advisories for Maven/Org.jenkins-Ci.plugins/Chef-Identity package
2023