{"id":"CVE-2019-10367","details":"Due to an incomplete fix of CVE-2019-10343, Jenkins Configuration as Code Plugin 1.26 and earlier did not properly apply masking to some values expected to be hidden when logging the configuration being applied.","aliases":["GHSA-7c3v-vc3x-x789"],"modified":"2026-04-11T18:24:07.697316Z","published":"2019-08-07T15:15:12.063Z","references":[{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2019/08/07/1"},{"type":"ADVISORY","url":"https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1497"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/jenkinsci/configuration-as-code-plugin","events":[{"introduced":"0"},{"last_affected":"b2d809e1934e86543cb6f8b40b95084388630a81"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"last_affected":"1.26"}],"source":"CPE_FIELD","cpe":"cpe:2.3:a:jenkins:configuration_as_code:*:*:*:*:*:jenkins:*:*"}}],"versions":["configuration-as-code-0.1-alpha","configuration-as-code-0.10-alpha","configuration-as-code-0.11-alpha","configuration-as-code-0.2-alpha","configuration-as-code-0.3-alpha","configuration-as-code-0.4-alpha","configuration-as-code-0.5-alpha","configuration-as-code-0.6-alpha","configuration-as-code-0.7-alpha","configuration-as-code-0.8-alpha","configuration-as-code-0.9-alpha","configuration-as-code-1.0","configuration-as-code-1.0-rc1","configuration-as-code-1.0-rc2","configuration-as-code-1.0-rc3","configuration-as-code-1.1","configuration-as-code-1.10","configuration-as-code-1.11","configuration-as-code-1.12","configuration-as-code-1.13","configuration-as-code-1.14","configuration-as-code-1.15","configuration-as-code-1.16","configuration-as-code-1.17","configuration-as-code-1.18","configuration-as-code-1.19","configuration-as-code-1.2","configuration-as-code-1.20","configuration-as-code-1.21","configuration-as-code-1.22","configuration-as-code-1.23","configuration-as-code-1.24","configuration-as-code-1.25","configuration-as-code-1.26","configuration-as-code-1.3","configuration-as-code-1.4","configuration-as-code-1.5","configuration-as-code-1.6","configuration-as-code-1.7","configuration-as-code-1.8","configuration-as-code-1.9"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-10367.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}