Jenkins Credentials Binding plugin is under attack to an info: disclosure vulnerability.

Illigal use of this issue to gain control over sensitive informations that may leed to further attacks.

Jenkins Credentials Binding plugin version 1.17 is vulnerable.

Bugtraq ID : 109320
Class : Design Error
CVE: CVE-2019-1010241
Remote : Yes
Local : No
Published : May 01 2019 12:00AM
Updated : July 26 2019 06:00AM
Credit : Marcelo Sacchetin and Aditya Balapure
Vulnerable : Redhat OpenShift Container Platform 4.1
Redhat OpenShift Container Platform 3.9
Redhat OpenShift Container Platform 3.11
Redhat OpenShift Container Platform 3.10
Jenkins Credentials Binding 1.17