CVE-2022-27208

Name of the Vulnerable Software and Affected Versions Jenkins Kubernetes Continuous Deploy Plugin versions 2.3.1 and earlier

Description The issue allows users with Credentials/Create permission to read arbitrary files on the Jenkins controller. This is a significant security concern as it potentially exposes sensitive information.

Recommendations For Jenkins Kubernetes Continuous Deploy Plugin versions 2.3.1 and earlier, update to a version later than 2.3.1 to resolve the issue. As a temporary workaround, consider restricting the Credentials/Create permission to minimize the risk of exploitation.