Lucene search

Insertion of Sensitive Information into Log File in Jenkins Configuration as Code Plugin

🗓️ 24 May 2022 16:50:51Reported by GitHub Advisory DatabaseType

Insertion of Sensitive Information into Log File in Jenkins Configuration as Code Plugin. The Configuration as Code Plugin logs changes and masks passwords to prevent disclosure. Updates in versions 1.0 and 1.1 improved log message masking, specifically for type 'Secret'

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 11
OSV	CVE-2019-10343	31 Jul 201913:15	–	osv
OSV	Insertion of Sensitive Information into Log File in Jenkins Configuration as Code Plugin	24 May 202216:51	–	osv
OSV	CVE-2019-10367	7 Aug 201915:15	–	osv
Cvelist	CVE-2019-10343	31 Jul 201912:45	–	cvelist
Cvelist	CVE-2019-10367	7 Aug 201914:20	–	cvelist
NVD	CVE-2019-10343	31 Jul 201913:15	–	nvd
NVD	CVE-2019-10367	7 Aug 201915:15	–	nvd
Prion	Design/Logic Flaw	31 Jul 201913:15	–	prion
Prion	Authorization	7 Aug 201915:15	–	prion
CVE	CVE-2019-10343	31 Jul 201913:15	–	cve

Vulners

Node

io.jenkins configuration-as-codeRange≤1.24

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-10343
jenkins	www.jenkins.io/security/advisory/2019-07-31/
openwall	www.openwall.com/lists/oss-security/2019/07/31/1
github	www.github.com/jenkinsci/configuration-as-code-plugin/commit/73afe3cb10a723cb06e29c2e5499206aadae3a0d
github	www.github.com/advisories/GHSA-vwq9-cmqr-3c8c

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 May 2022 16:51Current

4.9Medium risk

Vulners AI Score4.9

CVSS22.1

CVSS33.3

EPSS0.00015

CWE-532