CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30514
https://notcve.org/view.php?id=CVE-2023-30514
Jenkins Azure Key Vault Plugin 187.va_cd5fecd198a_ and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. • http://www.openwall.com/lists/oss-security/2023/04/13/3 https://www.jenkins.io/security/advisory/2023-04-12/#SECURITY-3075 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30513
https://notcve.org/view.php?id=CVE-2023-30513
Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. • http://www.openwall.com/lists/oss-security/2023/04/13/3 https://www.jenkins.io/security/advisory/2023-04-12/#SECURITY-3075 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28684
https://notcve.org/view.php?id=CVE-2023-28684
Jenkins remote-jobs-view-plugin Plugin 0.0.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. • https://www.jenkins.io/security/advisory/2023-03-21/#SECURITY-2956 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28683
https://notcve.org/view.php?id=CVE-2023-28683
Jenkins Phabricator Differential Plugin 2.1.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. • https://www.jenkins.io/security/advisory/2023-03-21/#SECURITY-2942 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28682
https://notcve.org/view.php?id=CVE-2023-28682
Jenkins Performance Publisher Plugin 8.09 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. • https://www.jenkins.io/security/advisory/2023-03-21/#SECURITY-2928 • CWE-611: Improper Restriction of XML External Entity Reference •