GHSA-xj4w-r6gr-x5qm, CVE-2019-10407
maven/hudson.plugins/project-inheritance
Exposure of Sensitive Information to an Unauthorized Actor
Jenkins Project Inheritance Plugin 2.0.0 and earlier displayed a list of environment variables passed to a build without masking sensitive variables contributed by the Mask Passwords Plugin.
All versions up to 19.08.01
Upgrade to version 19.08.02 or above.
2024-01-31
source |