6 matches found
RHCOS 4 : OpenShift Container Platform 4.4.20 jenkins-2-plugins (RHSA-2020:3625)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3625 advisory. - jenkins-credentials-binding-plugin: information disclosure in build log when build contains no build steps CVE-2020-2181 -...
com.nirima:docker-plugin (>=0.17 <=1.0.4), com.testinium.jenkins:testinium (=1.0) +38 more potentially affected by CVE-2020-2181 via org.jenkins-ci.plugins:credentials-binding (>=1.10 <=1.18)
org.jenkins-ci.plugins:credentials-binding MAVEN version =1.10, =0.17, =1.0.43, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.1-preview-1, =1.2.7, =0.1.0, =0.1.1, =0.4.2 and more Source cves: CVE-2020-2181 Source advisory: OSV:GHSA-43J2-R4V3-M8JP...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.3.40 jenkins-2-plugins security update
Red Hat OpenShift Container Platform release 4.3.40 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whic...
RHEL 7 : OpenShift Container Platform 4.4.20 jenkins-2-plugins (RHSA-2020:3625)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3625 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
CVE-2020-2181
Jenkins Credentials Binding Plugin 1.22 and earlier does not mask i.e., replace with asterisks secrets in the build log when the build contains no build steps...
CVE-2020-2181
CVE-2020-2181 affects Jenkins Credentials Binding Plugin (versions 1.22 and earlier) where secrets are not masked in build logs when a build contains no build steps. This is documented in a GHSA advisory for Jenkins Credentials Binding Plugin and reflected in Red Hat advisories linking CVE-2020-2...