CVE-2019-10358
published 2019-07-31CVE-2019-10358: Jenkins Maven Integration Plugin 3.3 and earlier did not apply build log decorators to module builds, potentially revealing sensitive build variables in the…
medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
Jenkins Maven Integration Plugin 3.3 and earlier did not apply build log decorators to module builds, potentially revealing sensitive build variables in the build log.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | amazon_ec2_plugin | — | — |
| jenkins | between_configuration_as_code_plugin | — | — |
| jenkins | configuration_as_code_plugin | — | — |
| jenkins | deprecated_groovy_libraries_plugin | — | — |
| jenkins | google_kubernetes_engine_plugin | — | — |
| jenkins | maven | <= 3.3 | — |
| jenkins | maven_integration_plugin | — | — |
| jenkins | maven_release_plug-in_plugin | — | — |
| jenkins | sandbox_protection_in_script_security_plugin | — | — |
| jenkins | script_security_plugin | — | — |
| jenkins | since_configuration_as_code_plugin | — | — |
| jenkins | skytap_cloud_ci_plugin | — | — |
| jenkins_project | jenkins_maven_integration_plugin | — | — |