5 matches found
CVE-2019-10358
Jenkins Maven Integration Plugin 3.3 and earlier did not apply build log decorators to module builds, potentially revealing sensitive build variables in the build log...
com.barchart.jenkins:maven-release-cascade (>=1.0.0 <=1.3.2), com.groupon.jenkins.plugins:DotCi-Plugins-Starter-Pack (>=1.0.0 <=1.6.2) +120 more potentially affected by CVE-2019-10358 via org.jenkins-ci.main:maven-plugin (>=1.396 <=3.1)
org.jenkins-ci.main:maven-plugin MAVEN version =1.396, =1.0.0, =1.0.0, =1.0.0, =1.0b, =0.9, =0.4.0, =1.2, =1.0.0, =1.7, =0.9, =0.1, =0.33, =1.396, =1.644 and more Source cves: CVE-2019-10358 Source advisory: OSV:GHSA-HR96-QFVM-52R6...
CVE-2019-10358
Jenkins Maven Integration Plugin 3.3 and earlier did not apply build log decorators to module builds, potentially revealing sensitive build variables in the build log...
CVE-2019-10358
CVE-2019-10358 affects the Jenkins Maven Integration Plugin (versions ≤ 3.3). The root cause is that build log decorators were not applied to module builds, which could cause sensitive build variables to be exposed in logs. The available connected documents consistently describe this as a disclos...
CVE-2019-10358
Jenkins Maven Integration Plugin 3.3 and earlier did not apply build log decorators to module builds, potentially revealing sensitive build variables in the build log...