Jenkins Credentials Binding plugin is under attack to an info: disclosure vulnerability.

Illigal use of this issue to gain control over sensitive informations that may leed to further attacks.

Jenkins Credentials Binding plugin version 1.17 is vulnerable.

Bugtraq ID :109320
Class :Design Error
CVE:CVE-2019-1010241
Remote :Yes
Local :No
Published :May 01 2019 12:00AM
Updated :July 26 2019 06:00AM
Credit :Marcelo Sacchetin and Aditya Balapure
Vulnerable :Redhat OpenShift Container Platform 4.1
Redhat OpenShift Container Platform 3.9
Redhat OpenShift Container Platform 3.11
Redhat OpenShift Container Platform 3.10
Jenkins Credentials Binding 1.17