CVE-2022-46685

Summary

In Jenkins Gitea Plugin 1.4.4 and earlier, the implementation of Gitea personal access tokens did not support credentials masking, potentially exposing them through the build log.

Affected Software

VendorProductVersion RangeStatus
Jenkins ProjectJenkins Gitea Pluginunspecified <= 1.4.4affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References