CVE-2023-39152

MEDIUM Year: 2023
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-670
View all →

Vulnerability Description

Always-incorrect control flow implementation in Jenkins Gradle Plugin 2.8 may result in credentials not being masked (i.e., replaced with asterisks) in the build log in some circumstances.

Related Vulnerabilities

CVE-2018-19058

MEDIUM
CVSS:6.5(Medium)

An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded f...

CWE-6702018

CVE-2018-19212

MEDIUM
CVSS:6.5(Medium)

In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack.

CWE-6702018

CVE-2021-38019

MEDIUM
CVSS:6.5(Medium)

Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

CWE-6702021

CVE-2024-33431

MEDIUM
CVSS:6.5(Medium)

An issue in phiola/src/afilter/conv.c:115 of phiola v2.0-rc22 allows a remote attacker to cause a denial of service via a crafted .wav file.

CWE-6702024

CVE-2024-45304

MEDIUM
CVSS:6.5(Medium)

Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. This vulnerability can lead to unauthorized ownership transfer, contrary to the original owner's in...

CWE-6702024

CVE-2024-5659

HIGH
CVSS:6.5(Medium)

Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be explo...

CWE-6702024