CVE-2023-41934

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-41934

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41934.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-41934

Aliases

GHSA-9v8g-f9mq-739g

Published

2023-09-06T13:15:10Z

Modified

2024-09-26T22:49:41.706681Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

Jenkins Pipeline Maven Integration Plugin 1330.v18e473854496 and earlier does not properly mask (i.e., replace with asterisks) usernames of credentials specified in custom Maven settings in Pipeline build logs if "Treat username as secret" is checked.

References

Affected packages

Git / github.com/jenkinsci/pipeline-maven-plugin

Affected ranges

Type: GIT
Repo: https://github.com/jenkinsci/pipeline-maven-plugin
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

18e47385449654818d0a76dd2b3bda5371ac52eb

Affected versions

1161.*

1161.v89a_7dcec5d31

1195.*

1195.v3b_a_d1b_e792e0

1201.*

1201.v1fce0b_9b_a_e24

1203.*

1203.v75b_321f1c89f

1205.*

1205.vceea_7b_972817

1226.*

1226.v833b_d9f526b_9

1235.*

1235.v2db_ddd9f797b

1239.*

1239.v08f725b_927d9

1256.*

1256.v14a_6e1e0de4b

1257.*

1257.v89e586d3c58c

1274.*

1274.v870c8cb_fa_369

1279.*

1279.v5d711113020f

1290.*

1290.vf21c81e8c57f

1293.*

1293.v6c4d0ce54ee8

1298.*

1298.v43b_82f220a_e9

1314.*

1314.v09626b_14362f

1322.*

1322.v9ef317a_3e0a_9

1330.*

1330.v18e473854496

pipeline-maven-0.*

pipeline-maven-0.1-beta

pipeline-maven-0.2

pipeline-maven-0.3

pipeline-maven-0.4

pipeline-maven-0.5

pipeline-maven-2.*

pipeline-maven-2.3.0-beta-1

pipeline-maven-2.3.1-beta-1

pipeline-maven-2.4.0-beta-1

pipeline-maven-2.4.0-beta-2

pipeline-maven-2.5.0-alpha-1

pipeline-maven-3.*

pipeline-maven-3.0.0

pipeline-maven-3.0.0-beta-1

pipeline-maven-3.0.0-beta-2

pipeline-maven-3.0.0-beta-3

pipeline-maven-3.0.0-beta-4

pipeline-maven-3.0.0-beta-5

pipeline-maven-3.0.0-beta-6

pipeline-maven-3.0.1

pipeline-maven-3.0.1-beta-1

pipeline-maven-3.0.1-beta-2

pipeline-maven-3.0.2

pipeline-maven-3.0.3

pipeline-maven-3.0.3-beta-1

pipeline-maven-3.0.3-beta-2

pipeline-maven-3.0.4

pipeline-maven-3.0.5

pipeline-maven-3.0.6

pipeline-maven-3.0.6-beta-1

pipeline-maven-3.0.7

pipeline-maven-3.1.0

pipeline-maven-3.1.0-beta-1

pipeline-maven-3.10.0

pipeline-maven-3.11.0

pipeline-maven-3.11.0-alpha-1

pipeline-maven-3.11.1

pipeline-maven-3.11.2

pipeline-maven-3.2.0

pipeline-maven-3.2.0-alpha-1

pipeline-maven-3.2.0-alpha-2

pipeline-maven-3.2.1

pipeline-maven-3.2.1-beta-1

pipeline-maven-3.3.0

pipeline-maven-3.3.1

pipeline-maven-3.3.1-beta-1

pipeline-maven-3.3.1-beta-2

pipeline-maven-3.3.2

pipeline-maven-3.4.0

pipeline-maven-3.4.0-beta-1

pipeline-maven-3.4.1

pipeline-maven-3.4.2

pipeline-maven-3.4.3

pipeline-maven-3.5.0

pipeline-maven-3.5.0-beta-1

pipeline-maven-3.5.1

pipeline-maven-3.5.1-beta-1

pipeline-maven-3.5.10

pipeline-maven-3.5.11

pipeline-maven-3.5.12

pipeline-maven-3.5.12-beta-1

pipeline-maven-3.5.12-beta-2

pipeline-maven-3.5.12-beta-3

pipeline-maven-3.5.12-beta-4

pipeline-maven-3.5.13

pipeline-maven-3.5.14

pipeline-maven-3.5.15

pipeline-maven-3.5.15-beta-1

pipeline-maven-3.5.15-beta-2

pipeline-maven-3.5.15-beta-4

pipeline-maven-3.5.2

pipeline-maven-3.5.3

pipeline-maven-3.5.4

pipeline-maven-3.5.4-beta-1

pipeline-maven-3.5.5

pipeline-maven-3.5.6

pipeline-maven-3.5.7

pipeline-maven-3.5.7-beta-1

pipeline-maven-3.5.8

pipeline-maven-3.5.8-beta-1

pipeline-maven-3.5.9

pipeline-maven-3.6.0

pipeline-maven-3.6.0-beta-1

pipeline-maven-3.6.0-beta-2

pipeline-maven-3.6.1

pipeline-maven-3.6.10

pipeline-maven-3.6.11

pipeline-maven-3.6.12

pipeline-maven-3.6.13

pipeline-maven-3.6.14

pipeline-maven-3.6.15-beta-1

pipeline-maven-3.6.2

pipeline-maven-3.6.3

pipeline-maven-3.6.4

pipeline-maven-3.6.4-beta-1

pipeline-maven-3.6.5

pipeline-maven-3.6.5-beta-1

pipeline-maven-3.6.6

pipeline-maven-3.6.6-beta-1

pipeline-maven-3.6.6-beta-2

pipeline-maven-3.6.6-beta-3

pipeline-maven-3.6.6-beta-4

pipeline-maven-3.6.7

pipeline-maven-3.6.8

pipeline-maven-3.6.8-beta-1

pipeline-maven-3.6.8-beta-2

pipeline-maven-3.6.9

pipeline-maven-3.7.0

pipeline-maven-3.7.0-beta-1

pipeline-maven-3.7.1

pipeline-maven-3.8.0

pipeline-maven-3.8.1

pipeline-maven-3.8.2

pipeline-maven-3.8.3

pipeline-maven-3.9.0

pipeline-maven-3.9.0-beta-1

pipeline-maven-3.9.1

pipeline-maven-3.9.2

pipeline-maven-parent-2.*

pipeline-maven-parent-2.0

pipeline-maven-parent-2.0-beta-3

pipeline-maven-parent-2.0-beta-4

pipeline-maven-parent-2.0-beta-5

pipeline-maven-parent-2.0-beta-6

pipeline-maven-parent-2.0-beta-7

pipeline-maven-parent-2.0.1

pipeline-maven-parent-2.0.2

pipeline-maven-parent-2.0.3

pipeline-maven-parent-2.1.0

pipeline-maven-parent-2.1.0-beta-1

pipeline-maven-parent-2.1.1-beta-1

pipeline-maven-parent-2.2.0

pipeline-maven-parent-2.2.1

pipeline-maven-parent-2.3.0

pipeline-maven-parent-2.3.1

pipeline-maven-parent-2.4.0

pipeline-maven-parent-2.5.0

pipeline-maven-parent-2.5.1

pipeline-maven-parent-2.5.2

pipeline-maven-pom-2.*

pipeline-maven-pom-2.0-beta-1

pipeline-maven-pom-2.0-beta-2