Open mend-bolt-for-github[bot] opened 2 years ago
Integrates Jenkins with Git SCM
Library home page: https://github.com/jenkinsci/git-plugin/tree/git-4.2.1/README.adoc
Path to dependency file: /pom.xml
Path to vulnerable library: /-ci/plugins/git/4.2.1/git-4.2.1.jar
Dependency Hierarchy: - :x: **git-4.2.1.jar** (Vulnerable Library)
Found in HEAD commit: 97ed2b7fe477b78f0b26191e5950825314db7b2c
Found in base branch: master
Jenkins Git Plugin 4.11.4 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log provided by the Git Username and Password (`gitUsernamePassword`) credentials binding.
Publish Date: 2022-08-23
URL: CVE-2022-38663
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
Step up your Open Source Security Game with Mend here
CVE-2022-38663 - Medium Severity Vulnerability
Integrates Jenkins with Git SCM
Library home page: https://github.com/jenkinsci/git-plugin/tree/git-4.2.1/README.adoc
Path to dependency file: /pom.xml
Path to vulnerable library: /-ci/plugins/git/4.2.1/git-4.2.1.jar
Dependency Hierarchy: - :x: **git-4.2.1.jar** (Vulnerable Library)
Found in HEAD commit: 97ed2b7fe477b78f0b26191e5950825314db7b2c
Found in base branch: master
Jenkins Git Plugin 4.11.4 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log provided by the Git Username and Password (`gitUsernamePassword`) credentials binding.
Publish Date: 2022-08-23
URL: CVE-2022-38663
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here.Step up your Open Source Security Game with Mend here