CVE-2023-32983

Name
CVE-2023-32983
Description
Jenkins Ansible Plugin 204.v8191fd551eb_f and earlier does not mask extra variables displayed on the configuration form, increasing the potential for attackers to observe and capture them.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3017

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:jenkins:ansible:*:*:*:*:*:jenkins:*:* jenkins >= None <= 204.v8191fd551eb_f

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
jenkins 3.18-community 2.387.3-r0 Francesco Colista <fcolista@alpinelinux.org> possibly vulnerable
jenkins 3.19-community 2.440.3-r0 Francesco Colista <fcolista@alpinelinux.org> possibly vulnerable
jenkins 3.20-community 2.440.2-r0 Francesco Colista <fcolista@alpinelinux.org> possibly vulnerable
jenkins edge-community 2.462.1-r0 Francesco Colista <fcolista@alpinelinux.org> possibly vulnerable