Jenkins MQ Notifier Plugin Logs Sensitive Build Parameters by Default
CVE-2024-28154

Currently unrated

Key Information:

Vendor: Jenkins
Status: Jenkins MQ Notifier Plugin
Vendor: CVE Published:; 6 March 2024

Summary

Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default.

Affected Version(s)

Jenkins MQ Notifier Plugin 0 <= 1.4.0

References

https://www.jenkins.io/security/advisory/2024-03-06/#SECU...

vendor-advisory

Timeline

Vulnerability published
Mar 6, 2024
Vulnerability Reserved
Mar 5, 2024

.