com.datapipe.jenkins.plugins:hashicorp-vault-plugin is vulnerable to Information Disclosure. A remote authenticated attacker is able to gain access to sensitive information because it does not properly mask credentials in the build log when push mode for durable task logging is enabled.
CPE | Name | Operator | Version |
---|---|---|---|
hashicorp vault plugin | le | 2.1.0 | |
hashicorp vault plugin | le | 2.1.0 |