180 matches found
CVE-2026-7860
A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure in the frontend build process when it exits with a non-zero status. An attacker can obtain sensitive environment variables, including credentials, by reviewing build logs or archived build artifacts generated during...
GHSA-J8MX-J73W-9MXW Vaadin Build Plugins is Affected by a Possible Information Disclosure Vulnerability
A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure in the frontend build process when it exits with a non-zero status. An attacker can obtain sensitive environment variables, including credentials, by reviewing build logs or archived build artifacts generated during...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure in the frontend build process when it exits with a non-zero status. An attacker can obtain sensitive environment variables, including credentials, by reviewing build logs or archived build artifacts generated during...
CVE-2026-7860
A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...
CVE-2026-7860
A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...
CVE-2026-7860 Possible information disclosure of environment variables in Vaadin Build Plugins via Failed Frontend Build
A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...
EUVD-2026-30891
A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...
Possible information disclosure of environment variables in Vaadin Build Plugins via Failed Frontend Build
A security vulnerability in the Vaadin Maven plugin and Vaadin Gradle plugin exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. See CWE-209 Generation of Error Message Containing Sensitive Information Description A possibl...
PT-2026-41882
A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...
CVE-2023-40340
Jenkins NodeJS Plugin 1.6.0 and earlier does not properly mask i.e., replace with asterisks credentials specified in the Npm config file in Pipeline build logs...
CVE-2022-23109
Jenkins HashiCorp Vault Plugin 3.7.0 and earlier does not mask Vault credentials in Pipeline build logs or in Pipeline step descriptions when Pipeline: Groovy Plugin 2.85 or later is installed...
EUVD-2022-0614
Malicious code in bioql PyPI...
EUVD-2023-2390
Malicious code in bioql PyPI...
EUVD-2023-1976
Malicious code in bioql PyPI...
EUVD-2022-2271
Malicious code in bioql PyPI...
EUVD-2022-7371
Malicious code in bioql PyPI...
EUVD-2022-1841
Malicious code in bioql PyPI...
EUVD-2022-2144
Malicious code in bioql PyPI...