もっと詳しく

Missing permission checks in Jenkins SSH Agent Plugin 1.23 and earlier allow attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins. An enumeration of credentials IDs in SSH Agent Plugin 1.23.2 requires the appropriate permissions.

References