CVE-2023-41934 Information
Sep 08, 2023
cve
Description
Jenkins Pipeline Maven Integration Plugin 1330.v18e473854496 and earlier does not properly mask (i.e. replace with asterisks) usernames of credentials specified in custom Maven settings in Pipeline build logs if \Treat username as secret\ is checked.
Reference
https://www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3257 http://www.openwall.com/lists/oss-security/2023/09/06/9
Share on: