Cisco Talos is disclosing vulnerabilities in Swarm, Ansible and GitLab plugins. All three are information disclosure vulnerabilities that could allow an attacker to trick the plugin into disclosing credentials from the Jenkins credential database to a server that they control. Peter Adkins of Cisco Umbrella discovered these vulnerabilities. The following SNORT rules will detect exploitation attempts and that these issues are resolved and that updates are available for affected customers. For the most current rules, please refer to your most current rule to your Firepower Management Center Snort.org.”]
Source: https://blog.talosintelligence.com/2019/05/jenkins-plugins-vulnerability-spotlight-may-19.html