Medium severity4.3NVD Advisory· Published Jul 9, 2018· Updated Jun 17, 2026
CVE-2018-1000402
CVE-2018-1000402
Description
Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a File and Directory Information Exposure vulnerability in AWSCodeDeployPublisher.java that can result in Disclosure of environment variables. This vulnerability appears to have been fixed in 1.20 and later.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.amazonaws:codedeployMaven | < 1.20 | 1.20 |
Affected products
1Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-644j-jcc4-crx7ghsaADVISORY
- jenkins.io/security/advisory/2018-06-25/nvdVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2018-1000402ghsaADVISORY
- github.com/jenkinsci/aws-codedeploy-plugin/commit/4bef70636dbcb9e773d4a4a6186726719cb88ee4ghsaWEB
- github.com/jenkinsci/aws-codedeploy-plugin/commit/a086092ddf79d0b232e44f5908e8b6ef3dfcde9dghsaWEB
News mentions
0No linked articles in our index yet.