CVE-2019-10436

Summary

An arbitrary file read vulnerability in Jenkins Google OAuth Credentials Plugin 0.9 and earlier allowed attackers able to configure jobs and credentials in Jenkins to obtain the contents of any file on the Jenkins master.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Google OAuth Credentials Plugin0.9 and earlieraffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References