GHSA-9768-HPRV-CRJ5 Jenkins Credentials Binding Plugin vulnerability can expose sensitive information in logger messages

Jenkins Credentials Binding Plugin 687.v619cb15e923f and earlier does not properly mask i.e., replace with asterisks credentials present in exception error messages that are written to the build log. Credentials Binding Plugin 687.689.v1af775332fc9 rethrows exceptions that contain credentials,...

CVE-2023-33001

Jenkins HashiCorp Vault Plugin 360.v0a1c04cf807d and earlier does not properly mask i.e., replace with asterisks credentials in the build log when push mode for durable task logging is enabled...

PT-2023-22744 · Jenkins · Jenkins Thycotic Devops Secrets Vault Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Thycotic DevOps Secrets Vault Plugin versions 1.0.0 and earlier Description: The issue arises from the improper masking of credentials in the build log when push mode for durable task logging is enabled. This means that credentials ar...