7 matches found
BIT-JENKINS-2025-67638
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...
Cleartext Storage of Sensitive Information
Overview org.jenkins-ci.main:jenkins-core is an open source automation server. Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in the storage of build authorization tokens in plain text within config.xml files. An attacker can gain unauthorized acces...
CVE-2025-67638
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...
CVE-2025-67638
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...
CVE-2025-67638
CVE-2025-67638 affects Jenkins 2.540 and earlier, LTS 2.528.2 and earlier. The root cause is that build authorization tokens shown on the job configuration form are not masked, allowing potential observation or capture by an attacker. The CVE is documented in Jenkins security advisory SECURITY-78...
CVE-2025-67638
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...
CVE-2025-67638
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...