5 matches found
GHSA-V3FV-V9M6-26G3 Jenkins HashiCorp Vault Plugin has improper masking of credentials
Jenkins HashiCorp Vault Plugin 360.v0a1c04cf807d and earlier does not properly mask i.e., replace with asterisks credentials printed in the build log from Pipeline steps like sh and bat, when both of the following conditions are met: - The credentials are printed in build steps executing on an...
GHSA-9R7F-RQHW-J8H8 Incorrect permission checks in Pipeline: Nodes and Processes plugin
On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline node blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes...
Unspecified Vulnerability in Pipeline: Nodes and Processes Plugin
Pipeline: Nodes and Processes is a node and process plugin for use in Jenkins. A security vulnerability exists in Pipeline: Nodes and Processes plugin version 2.17 and earlier, which stems from the program failing to properly detect permissions. No information about this vulnerability is availabl...
CVE-2018-1000015
On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline node blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes...
CVE-2018-1000015
CVE-2018-1000015 affects Jenkins with the Authorize Project plugin where authentication for a build may lack Computer/Build permission on some agents. The vulnerability arises from incorrect permission checks in Pipeline: Nodes and Processes plugin versions 2.17 and earlier, which allowed executi...