2 matches found
Insufficiently Protected Credentials
Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials in the global configuration form, where the AWS Secret Key is not properly masked. An attacker can obtain sensitive credentials by viewing the configuration interface. Remediation There is no fixed...
CVE-2025-53655
Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potential for attackers to observe and capture it...