Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:43 a.m.9 views

CVE-2023-30514

Jenkins Azure Key Vault Plugin 187.vacd5fecd198a and earlier does not properly mask i.e., replace with asterisks credentials in the build log when push mode for durable task logging is enabled...

7.5CVSS6.7AI score0.0048EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/04/13 12:0 a.m.24 views

Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.15 Multiple Vulnerabilities (CloudBees Security Advisory 2023-04-12)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.15. It is, therefore, affected by multiple vulnerabilities including the following: - Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask i.e....

8.8CVSS5.9AI score0.0078EPSS
Exploits0References21
Github Security Blog
Github Security Blog
added 2023/04/12 6:30 p.m.32 views

Jenkins Azure Key Vault Plugin does not properly mask credentials

Multiple Jenkins plugins do not properly mask i.e., replace with asterisks credentials printed in the build log from Pipeline steps like sh and bat, when both of the following conditions are met: - The credentials are printed in build steps executing on an agent typically inside a node block. -...

7.5CVSS7.5AI score0.00491EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2023/04/12 6:15 p.m.21 views

CVE-2023-30514

Jenkins Azure Key Vault Plugin 187.vacd5fecd198a and earlier does not properly mask i.e., replace with asterisks credentials in the build log when push mode for durable task logging is enabled...

7.5CVSS7.5AI score0.0048EPSS
Exploits0References2
CVE
CVE
added 2023/04/12 5:5 p.m.61 views

CVE-2023-30514

CVE-2023-30514 affects the Jenkins Azure Key Vault Plugin; by 187.va_cd5fecd198a_ and earlier, credentials could be exposed in build logs when durable-task push-mode logging is enabled. The CVSSv3.1 base score is 7.5 (HIGH). CloudBees advisory notes that a fix exists in the newer Azure Key Vault ...

7.5CVSS7.4AI score0.0048EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/11/04 2:35 p.m.68 views

CVE-2020-2313

Summary: CVE-2020-2313 affects the Jenkins Azure Key Vault Plugin (versions 2.0 and earlier). The issue is a missing permission check on multiple HTTP endpoints, allowing attackers who have Overall/Read permission to enumerate credentials IDs stored in Jenkins. Impact (as stated): Credentials IDs...

4.3CVSS4.4AI score0.00776EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/11/04 2:35 p.m.23 views

CVE-2020-2313

A missing permission check in Jenkins Azure Key Vault Plugin 2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.5AI score0.00776EPSS
Exploits0References1
Rows per page
Query Builder