2 matches found
CVE-2023-40340
Jenkins NodeJS Plugin 1.6.0 and earlier does not properly mask i.e., replace with asterisks credentials specified in the Npm config file in Pipeline build logs...
CVE-2023-40340
Summary of CVE-2023-40340: The Jenkins NodeJS Plugin (versions ≤ 1.6.0) fails to mask credentials in the Npm config file as they appear in Pipeline build logs. This improper masking can expose credentials, per the Red Hat and NVD entries, which align on the affected plugin and version range. The ...