1. Home
  2. Security Advisories
  3. Jenkins
  4. JENKINS:SECURITY-713

[JENKINS:SECURITY-713] `maven-plugin` did not mask sensitive values in module build logs

Severity Medium
Affected Packages 2
Fixed Packages 2
CVEs 1
Info Packages References Vulnerabilities

maven-plugin did not apply build log decorators from the Build Environment configuration to module builds.
This could prevent sensitive content in module build logs from being masked.

maven-plugin now applies build log decorators from the Build Environment configuration to module builds.

Package Affected Version
pkg:maven/org.jenkins-ci.plugins/maven-plugin <= 3.3
pkg:github/jenkinsci/maven-plugin-plugin <= 3.3
Package Fixed Version
pkg:maven/org.jenkins-ci.plugins/maven-plugin = 3.4
pkg:github/jenkinsci/maven-plugin-plugin = 3.4
ID
JENKINS:SECURITY-713
Severity
medium
Published
2019-07-31T00:00:00
(5 years ago)
Modified
2019-07-31T00:00:00
(5 years ago)
Rights
Jenkins Security Team
Other Advisories
Source # ID Name URL
Plugin repository maven-plugin repository https://github.com/jenkinsci/maven-plugin-plugin
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:maven/org.jenkins-ci.plugins/maven-plugin org.jenkins-ci.plugins maven-plugin <= 3.3
Fixed pkg:maven/org.jenkins-ci.plugins/maven-plugin org.jenkins-ci.plugins maven-plugin = 3.4
Affected pkg:github/jenkinsci/maven-plugin-plugin jenkinsci maven-plugin-plugin <= 3.3
Fixed pkg:github/jenkinsci/maven-plugin-plugin jenkinsci maven-plugin-plugin = 3.4
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date