CVE-2019-1010241

The CVE-2019-1010241 entry affects Jenkins Credentials Binding Plugin (v1.17) where the vulnerability exists in config-variables.jelly at line 30 (passwordVariable). The underlying issue is storing passwords in a recoverable format (CWE-257). As described, authenticated users can recover credenti...

CloudBees Jenkins Credentials Binding Plugin Information Disclosure Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software release/testing projects and some of the timed execution of the task.Credentials Binding...

CVE-2018-1000057

Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it provides to build processes in their build logs. Jenkins however transforms provided password values, e.g. replacing environment variable references, which could result in values different from but similar to configured...

CVE-2018-1000057

CVE-2018-1000057 affects Jenkins Credentials Binding Plugin (version 1.14 and earlier). The issue is that Jenkins masks passwords in logs but can transform values (e.g., resolving environment variable references), causing password-like values to be exposed or recoverable. This is due to substitut...

CVE-2018-1000057

Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it provides to build processes in their build logs. Jenkins however transforms provided password values, e.g. replacing environment variable references, which could result in values different from but similar to configured...