CVE-2022-38663: Jenkins Git Plugin <4.11.4 Improper Credential Masking
CVE-2022-38663 Published on August 23, 2022

Jenkins Git Plugin 4.11.4 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log provided by the Git Username and Password (`gitUsernamePassword`) credentials binding.

NVD

Products Associated with CVE-2022-38663

Want to know whenever a new CVE is published for Jenkins Git? stack.watch will email you.

Jenkins Git

Affected Versions

Jenkins project Jenkins Git Plugin:

Version unspecified, <= 4.11.4 is affected.
Version 4.9.4 is unaffected.

Exploit Probability

EPSS

2.05%

Percentile

83.77%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-38663: Jenkins Git Plugin <4.11.4 Improper Credential MaskingCVE-2022-38663 Published on August 23, 2022

Products Associated with CVE-2022-38663

Affected Versions

Exploit Probability

CVE-2022-38663: Jenkins Git Plugin <4.11.4 Improper Credential Masking
CVE-2022-38663 Published on August 23, 2022