CVE-2019-10343: Inclusion of Sensitive Information in Log Files

July 31, 2019 (updated October 9, 2019)

Jenkins Configuration as Code Plugin does not properly apply masking to values expected to be hidden when logging the configuration being applied.

References

jenkins.io/security/advisory/2019-07-31/
nvd.nist.gov/vuln/detail/CVE-2019-10343

Code Behaviors & Features

Detect and mitigate CVE-2019-10343 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →