We found results for “”
CVE-2023-30513
Good to know:
Date: April 12, 2023
Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.
Language: Java
Severity Score
Severity Score
Weakness Type (CWE)
Cleartext Transmission of Sensitive Information
CWE-319Top Fix
Upgrade Version
Upgrade to version org.csanchez.jenkins.plugins:kubernetes:3900.3902.v10b_836a_c8c15,3910.ve59cec5e33ea
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | NONE |
Availability (A): | NONE |