Open github-actions[bot] opened 11 months ago
Description:
Jenkins NodeJS Plugin 1.6.0 and earlier does not properly mask (i.e., replace with asterisks) credentials specified in the Npm config file in Pipeline build logs.
📦 Vulnerable Dependencies
✍️ Summary
Medium | Undetermined | org.jenkins-ci.plugins:nodejs:1.2.7 | org.jenkins-ci.plugins:nodejs:1.2.7 | [1.6.0.1] |
👇 Details
Description:
Jenkins NodeJS Plugin 1.6.0 and earlier does not properly mask (i.e., replace with asterisks) credentials specified in the Npm config file in Pipeline build logs.