{"id":"CVE-2019-10358","details":"Jenkins Maven Integration Plugin 3.3 and earlier did not apply build log decorators to module builds, potentially revealing sensitive build variables in the build log.","aliases":["GHSA-hr96-qfvm-52r6"],"modified":"2026-04-11T18:24:06.194714Z","published":"2019-07-31T13:15:12.620Z","references":[{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2019/07/31/1"},{"type":"ADVISORY","url":"https://jenkins.io/security/advisory/2019-07-31/#SECURITY-713"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/jenkinsci/maven-plugin","events":[{"introduced":"0"},{"last_affected":"e314ef36a6c539fea2a1a4b6ed0a15d192ccd242"}],"database_specific":{"cpe":"cpe:2.3:a:jenkins:maven:*:*:*:*:*:jenkins:*:*","source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"3.3"}]}}],"versions":["maven-plugin-2.0","maven-plugin-2.0-beta-1","maven-plugin-2.1","maven-plugin-2.10","maven-plugin-2.11","maven-plugin-2.12","maven-plugin-2.12.1","maven-plugin-2.13","maven-plugin-2.14","maven-plugin-2.15","maven-plugin-2.15.1","maven-plugin-2.16","maven-plugin-2.17","maven-plugin-2.2","maven-plugin-2.3","maven-plugin-2.4","maven-plugin-2.5","maven-plugin-2.6","maven-plugin-2.7","maven-plugin-2.7.1","maven-plugin-2.8","maven-plugin-2.9","maven-plugin-3.0","maven-plugin-3.0-rc1","maven-plugin-3.0-rc2","maven-plugin-3.1","maven-plugin-3.1.1","maven-plugin-3.1.2","maven-plugin-3.2","maven-plugin-3.3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-10358.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}