CVE-2019-10407

CVSS v3.1 6.5 (Medium)

CVSS v2.0 4 (Medium)

EPSS 0.06 % (28^th)

Affected Products 1

Advisories 2

Jenkins Project Inheritance Plugin 2.0.0 and earlier displayed a list of environment variables passed to a build without masking sensitive variables contributed by the Mask Passwords Plugin.

Weaknesses

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE Status: PUBLISHED
CNA: Jenkins Project
Published Date: 2019-09-25 16:15:10
(5 years ago)
Updated Date: 2023-10-25 18:16:21
(10 months ago)

Affected Products

Jenkins

Project Inheritance

Configuration #1

		CPE23	From	Up To
	Jenkins Project Inheritance for Jenkins 2.0.0 and prior versions	cpe:2.3:a:jenkins:project_inheritance::::::jenkins		<= 2.0.0