Jenkins Support Core Plugin stores sensitive data in plain text

2022-02-1600:01:28

Google

osv.dev

0.001 Low

EPSS

Percentile

28.6%

JSON

Jenkins Support Core Plugin 2.79 and earlier does not redact some sensitive information in the support bundle. Support Core Plugin 2.79.1 adds a list of keywords whose associated values are redacted.

CPENameOperatorVersion
org.jenkins-ci.plugins:support-coreeq2.63-alpha
org.jenkins-ci.plugins:support-coreeq2.62
org.jenkins-ci.plugins:support-coreeq2.48
org.jenkins-ci.plugins:support-coreeq2.53
org.jenkins-ci.plugins:support-coreeq2.5
org.jenkins-ci.plugins:support-coreeq1.0
org.jenkins-ci.plugins:support-coreeq2.4
org.jenkins-ci.plugins:support-coreeq1.4
org.jenkins-ci.plugins:support-coreeq2.24
org.jenkins-ci.plugins:support-coreeq2.45

Name	Operator	Version
org.jenkins-ci.plugins:support-core	eq	2.63-alpha
org.jenkins-ci.plugins:support-core	eq	2.62
org.jenkins-ci.plugins:support-core	eq	2.48
org.jenkins-ci.plugins:support-core	eq	2.53
org.jenkins-ci.plugins:support-core	eq	2.5
org.jenkins-ci.plugins:support-core	eq	1.0
org.jenkins-ci.plugins:support-core	eq	2.4
org.jenkins-ci.plugins:support-core	eq	1.4
org.jenkins-ci.plugins:support-core	eq	2.24
org.jenkins-ci.plugins:support-core	eq	2.45