{"id":"CVE-2018-1000610","details":"A exposure of sensitive information vulnerability exists in Jenkins Configuration as Code Plugin 0.7-alpha and earlier in DataBoundConfigurator.java, Attribute.java, BaseConfigurator.java, ExtensionConfigurator.java that allows attackers with access to Jenkins log files to obtain the passwords configured using Configuration as Code Plugin.","aliases":["GHSA-8486-h39x-cx2f"],"modified":"2026-04-10T04:03:27.913224Z","published":"2018-06-26T17:29:00.710Z","references":[{"type":"ADVISORY","url":"https://jenkins.io/security/advisory/2018-06-25/#SECURITY-929"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/jenkinsci/configuration-as-code-plugin","events":[{"introduced":"0"},{"last_affected":"7da449e792a0cb5fb58e192957da0940bbde3870"},{"introduced":"0"},{"last_affected":"2caadef9cbb3b6ecc49be521f5815a3704596756"},{"introduced":"0"},{"last_affected":"9b80243d1df5fcf8f5dc103946faa1a2b062a5ab"},{"introduced":"0"},{"last_affected":"987b55ffdf7e7468ac9b739e5d7bee6129cfa7fc"},{"introduced":"0"},{"last_affected":"8921814751e0465ba31b853b9adec18bb557f0ff"},{"introduced":"0"},{"last_affected":"3dc97356b1d8c2c3488b88c1fdeb3a508385b4b7"},{"introduced":"0"},{"last_affected":"d14a4eb9d2831691a712ebab4bd80d4b85dc38ad"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.1-alpha"},{"introduced":"0"},{"last_affected":"0.2-alpha"},{"introduced":"0"},{"last_affected":"0.3-alpha"},{"introduced":"0"},{"last_affected":"0.4-alpha"},{"introduced":"0"},{"last_affected":"0.5-alpha"},{"introduced":"0"},{"last_affected":"0.6-alpha"},{"introduced":"0"},{"last_affected":"0.7-alpha"}]}}],"versions":["configuration-as-code-0.1-alpha","configuration-as-code-0.2-alpha","configuration-as-code-0.3-alpha","configuration-as-code-0.4-alpha","configuration-as-code-0.5-alpha","configuration-as-code-0.6-alpha","configuration-as-code-0.7-alpha"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000610.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}