Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-50777

Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier does not mask PaaSLane authentication tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.

Published

2023-12-13T18:15:44.377

Last Modified

2025-05-22T19:15:37.483

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-312
Type: Secondary
CWE-863

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	jenkins	paaslane_estimate	≤ 1.0.4	Yes

References

http://www.openwall.com/lists/oss-security/2023/12/13/4 Mailing List ([email protected])
https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-3182 Vendor Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2023/12/13/4 Mailing List (af854a3a-2127-422b-91ae-364da2661108)
https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-3182 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)