Lucene search

K
alpinelinuxAlpine Linux Development TeamALPINE:CVE-2023-40339
HistoryAug 16, 2023 - 3:15 p.m.

CVE-2023-40339

2023-08-1615:15:11
Alpine Linux Development Team
security.alpinelinux.org
9
jenkins
config file provider
vulnerability
credentials
build log
unix

0.001 Low

EPSS

Percentile

36.6%

Jenkins Config File Provider Plugin 952.va_544a_6234b_46 and earlier does not mask (i.e., replace with asterisks) credentials specified in configuration files when they’re written to the build log.

OSVersionArchitecturePackageVersionFilename
Alpine3.18-communitynoarchjenkins=Β 2.387.3-r0UNKNOWN
Alpineedge-communitynoarchjenkins=Β 2.440.2-r0UNKNOWN
Alpine3.19-communitynoarchjenkins=Β 2.440.3-r0UNKNOWN

0.001 Low

EPSS

Percentile

36.6%