Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier does not mask PaaSLane authentication tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.

Affected Packages

Maven com.cloudtp.jenkins:paaslane-estimate

Affected versions: 0 (last affected: 1.0.4)

Related CVEs

CVE-2023-50777

Key Information

GHSA ID

GHSA-v9w3-34xq-hrjg

Published

December 13, 2023 6:31 PM

Last Modified

December 18, 2023 9:43 PM

CVSS Score

5.0 /10

Primary Ecosystem

Maven

Primary Package

com.cloudtp.jenkins:paaslane-estimate

GitHub Reviewed

✓ Yes

Dataset

Last updated: August 24, 2025 6:28 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.