Description
Due to an incomplete fix of CVE-2019-10343, Jenkins Configuration as Code Plugin 1.26 and earlier did not properly apply masking to some values expected to be hidden when logging the configuration being applied.
Remediation
References
https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1497
http://www.openwall.com/lists/oss-security/2019/08/07/1
Related Vulnerabilities
CVE-2023-37263 Vulnerability in npm package @strapi/plugin-content-manager
CVE-2022-36437 Vulnerability in maven package com.hazelcast:hazelcast
CVE-2019-10402 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2022-45064 Vulnerability in maven package org.apache.sling:org.apache.sling.engine
CVE-2021-28655 Vulnerability in maven package org.apache.zeppelin:zeppelin