org.jenkins-ci.plugins/ssh-credentials

Vulnerabilities (1)

• CVE-2018-1000601Jun 26, 2018
  affected < 1.14fixed 1.14

  A arbitrary file read vulnerability exists in Jenkins SSH Credentials Plugin 1.13 and earlier in BasicSSHUserPrivateKey.java that allows attackers with a Jenkins account and the permission to configure credential bindings to read arbitrary files from the Jenkins master file syste