CVE-2023-40340
CVE-2023-40340
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
16 Aug 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Jenkins NodeJS Plugin 1.6.0 and earlier does not properly mask (i.e., replace with asterisks) credentials specified in the Npm config file in Pipeline build logs.
Affected products
Jenkins Project · Jenkins NodeJS Plugin