CVE-2023-40340

Jenkins NodeJS Plugin 1.6.0 and earlier does not properly mask i.e., replace with asterisks credentials specified in the Npm config file in Pipeline build logs...

Insertion Of Sensitive Information Into Log File

freeipa is vulnerable to Insertion Of Sensitive Information Into Log File. The vulnerability is due to a flaw in FreeIPA's batch processing API resulting in improper masking of sensitive information in logs, such as clear text user passwords...

Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.17 Multiple Vulnerabilities (CloudBees Security Advisory 2023-05-16)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.17. It is, therefore, affected by multiple vulnerabilities including the following: - CSRF vulnerability and missing permission checks in Code Dx Plugin CVE-2023-2195,...

IBM Robotic Process Automation 信息泄露漏洞

IBM Robotic Process Automation is a robotic process automation product from IBM USA. It helps you automate more business and IT processes at scale with the ease and speed of traditional RPA. IBM Robotic Process Automation suffers from an information disclosure vulnerability that stems from...

Information disclosure

When dynamic templates are used OTRSTicketForms, admin can use OTRS tags which are not masked properly and can reveal sensitive information. This issue affects: OTRS AG OTRSTicketForms 6.0.x version 6.0.40 and prior versions; 7.0.x version 7.0.29 and prior versions; 8.0.x version 8.0.3 and prior...

RHEL 7 : OpenShift Container Platform 4.5.6 (RHSA-2020:3453)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3453 advisory. The Matrix Project is a module which handles creating Jenkins multi-configuration projects matrix projects. Matrix Authorization allows...