Jenkins NodeJS Plugin 1.6.0 and earlier does not properly mask (i.e., replace with asterisks) credentials specified in the Npm config file in Pipeline build logs.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jenkins
Published: 2023-08-16T14:32:51.990Z
Updated: 2024-08-02T18:31:53.728Z
Reserved: 2023-08-14T16:02:56.435Z
Link: CVE-2023-40340
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-08-16T15:15:11.620
Modified: 2023-08-22T18:56:54.967
Link: CVE-2023-40340
Redhat
No data.