Sensitive Information Disclosure

Jenkins ReadyAPI Functional Testing Plugin is vulnerable to Sensitive Information Disclosure. The vulnerability is due to storing license keys, client secrets, and passwords in plaintext in job configuration files, allowing users with Item/Extended Read permission or file system access on the...

EUVD-2019-3829

Malware in sbrugna...

EUVD-2025-20857

Malicious code in bioql PyPI...

EUVD-2025-20858

Malicious code in bioql PyPI...

Jenkins ReadyAPI Functional Testing Plugin vulnerability exposes secrets

Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier stores SLM License Access Keys, client secrets, and passwords unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These credentials can be viewed by users with Item/Extended Read permission or acce...

GHSA-R496-X769-F8J4 Jenkins ReadyAPI Functional Testing Plugin vulnerability exposes secrets

Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier stores SLM License Access Keys, client secrets, and passwords unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These credentials can be viewed by users with Item/Extended Read permission or acce...

CVE-2025-53657

Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier does not mask SLM License Access Keys, client secrets, and passwords displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

CVE-2025-53657

Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier does not mask SLM License Access Keys, client secrets, and passwords displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

CVE-2025-53656

Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier stores SLM License Access Keys, client secrets, and passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file...

CVE-2025-53656

Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier stores SLM License Access Keys, client secrets, and passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file...

CVE-2025-53656

Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier stores SLM License Access Keys, client secrets, and passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file...

CVE-2025-53656

Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier stores SLM License Access Keys, client secrets, and passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file...

CVE-2025-53657

Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier does not mask SLM License Access Keys, client secrets, and passwords displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

CVE-2025-53657

CVE-2025-53657 affects Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier. The issue is that SLM License Access Keys, client secrets, and passwords displayed on the job configuration form are not masked, enabling potential exposure to users with access to the Jenkins UI/file system. Impa...

CVE-2025-53657

Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier does not mask SLM License Access Keys, client secrets, and passwords displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

PT-2025-28909 · Jenkins · Jenkins Readyapi Functional Testing Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins ReadyAPI Functional Testing Plugin versions 1.11 and earlier Description: The Jenkins ReadyAPI Functional Testing Plugin does not properly mask sensitive information such as SLM License Access Keys, client secrets, and passwords on th...

PT-2025-28908 · Jenkins · Jenkins Readyapi Functional Testing Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins ReadyAPI Functional Testing Plugin versions 1.11 and earlier Description: The Jenkins ReadyAPI Functional Testing Plugin stores sensitive information, including SLM License Access Keys, client secrets, and passwords, in unencrypted...

Jenkins plugin ReadyAPI Functional Testing 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

Jenkins plugin ReadyAPI Functional Testing 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

CVE-2020-12835

An issue was discovered in SmartBear ReadyAPI SoapUI Pro 3.2.5. Due to unsafe use of an Java RMI based protocol in an unsafe configuration, an attacker can inject malicious serialized objects into the communication, resulting in remote code execution in the context of a client-side Network...