Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Docker Commons Plugin provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use to authenticate with a Docker Registry. This functionality did not check permissions, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those could be used as part of an attack to capture the credentials using another vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CloudBees Docker Commons插件信息漏洞
Vulnerability Description
CloudBees Docker Commons Plugin是美国CloudBees公司的Jenkins(基于Java开发的持续集成工具)中的一个API共享插件。 CloudBees Docker Commons插件中存在安全漏洞,该漏洞源于程序没有检测权限。远程攻击者可利用该漏洞获取有效证书ID列表。
CVSS Information
N/A
Vulnerability Type
N/A