Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2025/04/04 3:39 p.m.26 views

CVE-2025-31728

Jenkins AsakusaSatellite Plugin 0.1.1 and earlier does not mask AsakusaSatellite API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

5.5CVSS7.1AI score0.00276EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/04/02 3:31 p.m.32 views

Jenkins AsakusaSatellite Plugin Stores API Keys Unencrypted in Job `config.xml` Files

Jenkins AsakusaSatellite Plugin 0.1.1 and earlier stores AsakusaSatellite API keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

5.5CVSS6.9AI score0.00276EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/04/02 3:31 p.m.12 views

GHSA-FV9Q-FQ62-C6QG Jenkins AsakusaSatellite Plugin Stores API Keys Unencrypted in Job `config.xml` Files

Jenkins AsakusaSatellite Plugin 0.1.1 and earlier stores AsakusaSatellite API keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

4.3CVSS6.9AI score0.00276EPSS
Exploits0References3
OSV
OSV
added 2025/04/02 3:16 p.m.3 views

CVE-2025-31728

Jenkins AsakusaSatellite Plugin 0.1.1 and earlier does not mask AsakusaSatellite API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

5.5CVSS5.8AI score0.00276EPSS
Exploits0References1
NVD
NVD
added 2025/04/02 3:16 p.m.22 views

CVE-2025-31728

Jenkins AsakusaSatellite Plugin 0.1.1 and earlier does not mask AsakusaSatellite API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

5.5CVSS0.00276EPSS
Exploits0References1
NVD
NVD
added 2025/04/02 3:16 p.m.40 views

CVE-2025-31727

Jenkins AsakusaSatellite Plugin 0.1.1 and earlier stores AsakusaSatellite API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

5.5CVSS0.00276EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/02 2:59 p.m.13 views

CVE-2025-31728

Jenkins AsakusaSatellite Plugin 0.1.1 and earlier does not mask AsakusaSatellite API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

7AI score0.00276EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/02 2:59 p.m.28 views

CVE-2025-31728

Jenkins AsakusaSatellite Plugin 0.1.1 and earlier does not mask AsakusaSatellite API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

0.00276EPSS
Exploits0References1
CVE
CVE
added 2025/04/02 2:59 p.m.67 views

CVE-2025-31728

The CVE-2025-31728 entry concerns the Jenkins AsakusaSatellite Plugin (versions ≤ 0.1.1). Affected: AsakusaSatellite API keys are displayed in the job configuration form and are not masked, enabling observation/capture by users with permissions to view job configs or access the Jenkins controller...

5.5CVSS7AI score0.00276EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/02 2:59 p.m.11 views

CVE-2025-31727

Jenkins AsakusaSatellite Plugin 0.1.1 and earlier stores AsakusaSatellite API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

7AI score0.00276EPSS
Exploits0References1
CVE
CVE
added 2025/04/02 2:59 p.m.73 views

CVE-2025-31727

CVE-2025-31727 affects the Jenkins AsakusaSatellite Plugin (versions 0.1.1 and earlier). The root cause is unencrypted storage of AsakusaSatellite API keys in job config.xml files on the Jenkins controller, which can be viewed by users with Item/Extended Read permission or access to the file syst...

5.5CVSS7AI score0.00276EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/04/02 12:0 a.m.8 views

Jenkins plugin AsakusaSatellite 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

5.5CVSS6.4AI score0.00276EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/02 12:0 a.m.5 views

PT-2025-14517 · Jenkins · Jenkins Asakusasatellite Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins AsakusaSatellite Plugin versions 0.1.1 and earlier Description: The issue concerns the storage of AsakusaSatellite API keys in an unencrypted manner within job config.xml files on the Jenkins controller. This allows users with...

6.5CVSS6AI score0.00276EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/04/02 12:0 a.m.7 views

PT-2025-14518 · Jenkins · Jenkins Asakusasatellite Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins AsakusaSatellite Plugin versions 0.1.1 and earlier Description: The issue concerns the exposure of AsakusaSatellite API keys on the job configuration form, which could allow attackers to observe and capture them. Recommendations: For...

6.5CVSS5.9AI score0.00276EPSS
Exploits0References10
Rows per page
Query Builder