CVE-2019-10416 in Violation Comments to GitLab Plugin
Сводка
по MITRE
Jenkins Violation Comments to GitLab Plugin 2.28 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.