-
Bug
-
Resolution: Unresolved
-
Minor
The mask-passwords plugin contains CVE-2019-10370 for which there is no released fix; however, the Logstash plugin depends on this plugin:
https://github.com/jenkinsci/logstash-plugin/blob/master/pom.xml#L162
The dependency you link to is only used in test (as can be seen by it's scope).
I fail to see why it would be a problem. Please reopen if I'm missing something