CVE-2023-30513

Name of the Vulnerable Software and Affected Versions Jenkins Kubernetes Plugin versions 3909.v1f2c633e8590 and earlier

Description The issue arises from the Jenkins Kubernetes Plugin not properly masking credentials in the build log when push mode for durable task logging is enabled. This results in credentials being exposed in the build log, potentially leading to unauthorized access.

Recommendations For Jenkins Kubernetes Plugin versions 3909.v1f2c633e8590 and earlier, consider disabling the push mode for durable task logging until a patch is available to properly mask credentials in the build log. Restrict access to the build logs to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.