42 matches found
CVE-2018-1000057
CVE-2018-1000057 affects Jenkins Credentials Binding Plugin (version 1.14 and earlier). The issue is that Jenkins masks passwords in logs but can transform values (e.g., resolving environment variable references), causing password-like values to be exposed or recoverable. This is due to substitut...
CVE-2018-1000057
Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it provides to build processes in their build logs. Jenkins however transforms provided password values, e.g. replacing environment variable references, which could result in values different from but similar to configured...