Описание
Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.11 | jenkins-2-plugins | Not affected | ||
| Red Hat OpenShift Container Platform 4 | jenkins-2-plugins | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=2188455jenkins: Improper masking of credentials in multiple plugins
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
больше 2 лет назад
Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.
CVSS3: 4.3
github
больше 2 лет назад
Jenkins Kubernetes Plugin does not properly mask credentials
7.5 High
CVSS3