7 matches found
Sensitive Information Exposure
Jenkins ByteGuard Build Actions Plugin is vulnerable to sensitive information exposure. The vulnerability is due to improper masking of API tokens on the job configuration form, which allows an attacker to observe and capture these tokens...
CVE-2025-64145
Jenkins ByteGuard Build Actions Plugin 1.0 does not mask API tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...
EUVD-2025-36654
Jenkins ByteGuard Build Actions Plugin stores API tokens unencrypted in job config.xml files...
Jenkins ByteGuard Build Actions Plugin stores API tokens unencrypted in job config.xml files
Jenkins ByteGuard Build Actions Plugin 1.0 and earlier stores API tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally...
CVE-2025-64145
Jenkins ByteGuard Build Actions Plugin 1.0 does not mask API tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...
CVE-2025-64144
Jenkins ByteGuard Build Actions Plugin 1.0 stores API tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission, or access to the Jenkins controller file system...
CVE-2025-64144
Jenkins ByteGuard Build Actions Plugin 1.0 stores API tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission, or access to the Jenkins controller file system...