Vulnerability Details CVE-2023-40340
Jenkins NodeJS Plugin 1.6.0 and earlier does not properly mask (i.e., replace with asterisks) credentials specified in the Npm config file in Pipeline build logs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.8%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-40340
-
cpe:2.3:a:jenkins:nodejs:0.2
-
cpe:2.3:a:jenkins:nodejs:0.2.1
-
cpe:2.3:a:jenkins:nodejs:0.2.2
-
cpe:2.3:a:jenkins:nodejs:1.0
-
cpe:2.3:a:jenkins:nodejs:1.0.1
-
cpe:2.3:a:jenkins:nodejs:1.1.0
-
cpe:2.3:a:jenkins:nodejs:1.1.1
-
cpe:2.3:a:jenkins:nodejs:1.1.2
-
cpe:2.3:a:jenkins:nodejs:1.1.3
-
cpe:2.3:a:jenkins:nodejs:1.2.0
-
cpe:2.3:a:jenkins:nodejs:1.2.1
-
cpe:2.3:a:jenkins:nodejs:1.2.2
-
cpe:2.3:a:jenkins:nodejs:1.2.3
-
cpe:2.3:a:jenkins:nodejs:1.2.4
-
cpe:2.3:a:jenkins:nodejs:1.2.5
-
cpe:2.3:a:jenkins:nodejs:1.2.6
-
cpe:2.3:a:jenkins:nodejs:1.2.7
-
cpe:2.3:a:jenkins:nodejs:1.2.8
-
cpe:2.3:a:jenkins:nodejs:1.2.9
-
cpe:2.3:a:jenkins:nodejs:1.3.0
-
cpe:2.3:a:jenkins:nodejs:1.3.1
-
cpe:2.3:a:jenkins:nodejs:1.3.10
-
cpe:2.3:a:jenkins:nodejs:1.3.11
-
cpe:2.3:a:jenkins:nodejs:1.3.2
-
cpe:2.3:a:jenkins:nodejs:1.3.3
-
cpe:2.3:a:jenkins:nodejs:1.3.4
-
cpe:2.3:a:jenkins:nodejs:1.3.5
-
cpe:2.3:a:jenkins:nodejs:1.3.6
-
cpe:2.3:a:jenkins:nodejs:1.3.7
-
cpe:2.3:a:jenkins:nodejs:1.3.8
-
cpe:2.3:a:jenkins:nodejs:1.3.9
-
cpe:2.3:a:jenkins:nodejs:1.4.0
-
cpe:2.3:a:jenkins:nodejs:1.4.1
-
cpe:2.3:a:jenkins:nodejs:1.4.2
-
cpe:2.3:a:jenkins:nodejs:1.4.3
-
cpe:2.3:a:jenkins:nodejs:1.5.0
-
cpe:2.3:a:jenkins:nodejs:1.5.1
-
cpe:2.3:a:jenkins:nodejs:1.6.0