CVE-2023-41934

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-41934
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41934.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-41934
Aliases
Published
2023-09-06T13:15:10.073Z
Modified
2026-03-14T12:14:54.065079Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

Jenkins Pipeline Maven Integration Plugin 1330.v18e473854496 and earlier does not properly mask (i.e., replace with asterisks) usernames of credentials specified in custom Maven settings in Pipeline build logs if "Treat username as secret" is checked.

References

Affected packages

Git / github.com/jenkinsci/pipeline-maven-plugin

Affected ranges

Type
GIT
Repo
https://github.com/jenkinsci/pipeline-maven-plugin
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
18e47385449654818d0a76dd2b3bda5371ac52eb
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1330.v18e473854496"
        }
    ]
}

Affected versions

1161.*
1161.v89a_7dcec5d31
1195.*
1195.v3b_a_d1b_e792e0
1201.*
1201.v1fce0b_9b_a_e24
1203.*
1203.v75b_321f1c89f
1205.*
1205.vceea_7b_972817
1226.*
1226.v833b_d9f526b_9
1235.*
1235.v2db_ddd9f797b
1239.*
1239.v08f725b_927d9
1256.*
1256.v14a_6e1e0de4b
1257.*
1257.v89e586d3c58c
1274.*
1274.v870c8cb_fa_369
1279.*
1279.v5d711113020f
1290.*
1290.vf21c81e8c57f
1293.*
1293.v6c4d0ce54ee8
1298.*
1298.v43b_82f220a_e9
1314.*
1314.v09626b_14362f
1322.*
1322.v9ef317a_3e0a_9
1330.*
1330.v18e473854496
pipeline-maven-0.*
pipeline-maven-0.1-beta
pipeline-maven-0.2
pipeline-maven-0.3
pipeline-maven-0.4
pipeline-maven-0.5
pipeline-maven-2.*
pipeline-maven-2.3.0-beta-1
pipeline-maven-2.3.1-beta-1
pipeline-maven-2.4.0-beta-1
pipeline-maven-2.4.0-beta-2
pipeline-maven-2.5.0-alpha-1
pipeline-maven-3.*
pipeline-maven-3.0.0
pipeline-maven-3.0.0-beta-1
pipeline-maven-3.0.0-beta-2
pipeline-maven-3.0.0-beta-3
pipeline-maven-3.0.0-beta-4
pipeline-maven-3.0.0-beta-5
pipeline-maven-3.0.0-beta-6
pipeline-maven-3.0.1
pipeline-maven-3.0.1-beta-1
pipeline-maven-3.0.1-beta-2
pipeline-maven-3.0.2
pipeline-maven-3.0.3
pipeline-maven-3.0.3-beta-1
pipeline-maven-3.0.3-beta-2
pipeline-maven-3.0.4
pipeline-maven-3.0.5
pipeline-maven-3.0.6
pipeline-maven-3.0.6-beta-1
pipeline-maven-3.0.7
pipeline-maven-3.1.0
pipeline-maven-3.1.0-beta-1
pipeline-maven-3.10.0
pipeline-maven-3.11.0
pipeline-maven-3.11.0-alpha-1
pipeline-maven-3.11.1
pipeline-maven-3.11.2
pipeline-maven-3.2.0
pipeline-maven-3.2.0-alpha-1
pipeline-maven-3.2.0-alpha-2
pipeline-maven-3.2.1
pipeline-maven-3.2.1-beta-1
pipeline-maven-3.3.0
pipeline-maven-3.3.1
pipeline-maven-3.3.1-beta-1
pipeline-maven-3.3.1-beta-2
pipeline-maven-3.3.2
pipeline-maven-3.4.0
pipeline-maven-3.4.0-beta-1
pipeline-maven-3.4.1
pipeline-maven-3.4.2
pipeline-maven-3.4.3
pipeline-maven-3.5.0
pipeline-maven-3.5.0-beta-1
pipeline-maven-3.5.1
pipeline-maven-3.5.1-beta-1
pipeline-maven-3.5.10
pipeline-maven-3.5.11
pipeline-maven-3.5.12
pipeline-maven-3.5.12-beta-1
pipeline-maven-3.5.12-beta-2
pipeline-maven-3.5.12-beta-3
pipeline-maven-3.5.12-beta-4
pipeline-maven-3.5.13
pipeline-maven-3.5.14
pipeline-maven-3.5.15
pipeline-maven-3.5.15-beta-1
pipeline-maven-3.5.15-beta-2
pipeline-maven-3.5.15-beta-4
pipeline-maven-3.5.2
pipeline-maven-3.5.3
pipeline-maven-3.5.4
pipeline-maven-3.5.4-beta-1
pipeline-maven-3.5.5
pipeline-maven-3.5.6
pipeline-maven-3.5.7
pipeline-maven-3.5.7-beta-1
pipeline-maven-3.5.8
pipeline-maven-3.5.8-beta-1
pipeline-maven-3.5.9
pipeline-maven-3.6.0
pipeline-maven-3.6.0-beta-1
pipeline-maven-3.6.0-beta-2
pipeline-maven-3.6.1
pipeline-maven-3.6.10
pipeline-maven-3.6.11
pipeline-maven-3.6.12
pipeline-maven-3.6.13
pipeline-maven-3.6.14
pipeline-maven-3.6.15-beta-1
pipeline-maven-3.6.2
pipeline-maven-3.6.3
pipeline-maven-3.6.4
pipeline-maven-3.6.4-beta-1
pipeline-maven-3.6.5
pipeline-maven-3.6.5-beta-1
pipeline-maven-3.6.6
pipeline-maven-3.6.6-beta-1
pipeline-maven-3.6.6-beta-2
pipeline-maven-3.6.6-beta-3
pipeline-maven-3.6.6-beta-4
pipeline-maven-3.6.7
pipeline-maven-3.6.8
pipeline-maven-3.6.8-beta-1
pipeline-maven-3.6.8-beta-2
pipeline-maven-3.6.9
pipeline-maven-3.7.0
pipeline-maven-3.7.0-beta-1
pipeline-maven-3.7.1
pipeline-maven-3.8.0
pipeline-maven-3.8.1
pipeline-maven-3.8.2
pipeline-maven-3.8.3
pipeline-maven-3.9.0
pipeline-maven-3.9.0-beta-1
pipeline-maven-3.9.1
pipeline-maven-3.9.2
pipeline-maven-parent-2.*
pipeline-maven-parent-2.0
pipeline-maven-parent-2.0-beta-3
pipeline-maven-parent-2.0-beta-4
pipeline-maven-parent-2.0-beta-5
pipeline-maven-parent-2.0-beta-6
pipeline-maven-parent-2.0-beta-7
pipeline-maven-parent-2.0.1
pipeline-maven-parent-2.0.2
pipeline-maven-parent-2.0.3
pipeline-maven-parent-2.1.0
pipeline-maven-parent-2.1.0-beta-1
pipeline-maven-parent-2.1.1-beta-1
pipeline-maven-parent-2.2.0
pipeline-maven-parent-2.2.1
pipeline-maven-parent-2.3.0
pipeline-maven-parent-2.3.1
pipeline-maven-parent-2.4.0
pipeline-maven-parent-2.5.0
pipeline-maven-parent-2.5.1
pipeline-maven-parent-2.5.2
pipeline-maven-pom-2.*
pipeline-maven-pom-2.0-beta-1
pipeline-maven-pom-2.0-beta-2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41934.json"