CVE-2019-10407

Exposure of Sensitive Information to an Unauthorized Actor in maven/hudson.plugins/project-inheritance

Identifiers

GHSA-xj4w-r6gr-x5qm, CVE-2019-10407

Package Slug

maven/hudson.plugins/project-inheritance

Vulnerability

Exposure of Sensitive Information to an Unauthorized Actor

Description

Jenkins Project Inheritance Plugin 2.0.0 and earlier displayed a list of environment variables passed to a build without masking sensitive variables contributed by the Mask Passwords Plugin.

Affected Versions

All versions up to 19.08.01

Solution

Upgrade to version 19.08.02 or above.

Last Modified

2024-01-31

source