Description
An exposure of sensitive information vulnerability exists in Jenkins meliora-testlab Plugin 1.14 and earlier in TestlabNotifier.java that allows attackers with file system access to the Jenkins master to obtain the API key stored in this plugin's configuration.
Remediation
References
https://jenkins.io/security/advisory/2018-07-30/#SECURITY-847
Related Vulnerabilities
CVE-2023-36542 Vulnerability in maven package org.apache.nifi:nifi-jms-processors
CVE-2023-32993 Vulnerability in maven package io.jenkins.plugins:miniorange-saml-sp
CVE-2014-8152 Vulnerability in maven package org.apache.santuario:xmlsec
CVE-2014-3600 Vulnerability in maven package org.apache.activemq:activemq-client
CVE-2020-10719 Vulnerability in maven package io.undertow:undertow-core