Loading...

This issue is archived. You can view it, but you can't modify it. Learn more

Log In
Closed

XML

Word

Printable

Type: Bug
Resolution: Not A Defect
Priority: Major
Component/s: credentials-binding-plugin
Labels:
- issue-exported-to-github
Environment:
Jenkins 2.149 - Credential Binding 1.17

It looks like saving password variable from withCredentials using writeFile doesn't mask the password. I consider this to be a security vulnerability.

relates to

JENKINS-50242 withCredentials step masking easily bypassed

Resolved

Assignee:: Unassigned
Reporter:: Tomasz Fijarczyk

Created:: 2018-11-08 11:06
Updated:: 2025-12-11 15:49
Resolved:: 2019-11-27 19:59
Archived:: 2025-12-11 15:49

Details

Description

Attachments

Issue Links

Activity

People

Dates