Lucene search
+L

30 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-20859

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00313EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-32623

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00647EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-20860

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00354EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/11 3:42 p.m.18 views

CVE-2025-53655

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potential for attackers to observe and capture it...

5.3CVSS7.1AI score0.00313EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/11 3:42 p.m.12 views

CVE-2025-53654

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...

6.5CVSS7AI score0.00354EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/11 12:0 a.m.8 views

The vulnerability of the Statistics Gatherer plugin in the Jenkins automation server, related to the storage of the AWS secret key in an unencrypted form, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Statistics Gatherer plugin in the Jenkins automation server relates to the storage of the AWS secret key in an unencrypted form within the configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml. Exploiting this vulnerability could allow a...

6.8CVSS5.5AI score0.00354EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2025/07/09 6:30 p.m.10 views

Jenkins Statistics Gatherer Plugin does not mask AWS Secret Key

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml on the Jenkins controller as part of its configuration. This key can be viewed by users with access to th...

5.3CVSS6.2AI score0.00313EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/07/09 6:30 p.m.6 views

GHSA-26X3-7JW5-7MG4 Jenkins Statistics Gatherer Plugin does not mask AWS Secret Key

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml on the Jenkins controller as part of its configuration. This key can be viewed by users with access to th...

4.3CVSS6.6AI score0.00313EPSS
Exploits0References4
OSV
OSV
added 2025/07/09 6:30 p.m.6 views

GHSA-3C9F-C64M-H4WC Jenkins Statistics Gatherer Plugin vulnerability exposes AWS Secret Key

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml on the Jenkins controller as part of its configuration. This key can be viewed by users with access to th...

4.3CVSS6.1AI score0.00354EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/07/09 6:30 p.m.8 views

Jenkins Statistics Gatherer Plugin vulnerability exposes AWS Secret Key

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml on the Jenkins controller as part of its configuration. This key can be viewed by users with access to th...

6.5CVSS6.2AI score0.00354EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2025/07/09 4:49 p.m.3 views

Credential Exposure

Overview Affected versions of this package are vulnerable to Credential Exposure in the storage of the AWS Secret Key in the global configuration file on the controller. An attacker can obtain sensitive credentials by accessing the file system where the configuration file is stored. Remediation...

6.5CVSS6.8AI score0.00354EPSS
Exploits0References2
NVD
NVD
added 2025/07/09 4:15 p.m.6 views

CVE-2025-53654

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...

6.5CVSS0.00354EPSS
Exploits0References2
NVD
NVD
added 2025/07/09 4:15 p.m.8 views

CVE-2025-53655

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potential for attackers to observe and capture it...

5.3CVSS0.00313EPSS
Exploits0References2
OSV
OSV
added 2025/07/09 4:15 p.m.3 views

CVE-2025-53654

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...

6.5CVSS5.8AI score0.00354EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.3 views

CVE-2025-53654

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...

7AI score0.00354EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.3 views

CVE-2025-53655

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potential for attackers to observe and capture it...

7AI score0.00313EPSS
Exploits0References1
CVE
CVE
added 2025/07/09 3:39 p.m.31 views

CVE-2025-53654

CVEs and references : CVE-2025-53654 affects Jenkins Statistics Gatherer Plugin (versions 2.0.3 and earlier). The flaw stores the AWS Secret Key unencrypted in the global configuration file on the Jenkins controller, specifically in org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration....

6.5CVSS6.5AI score0.00354EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/07/09 3:39 p.m.14 views

CVE-2025-53654

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...

0.00354EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/09 3:39 p.m.13 views

CVE-2025-53655

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potential for attackers to observe and capture it...

0.00313EPSS
Exploits0References1
CVE
CVE
added 2025/07/09 3:39 p.m.32 views

CVE-2025-53655

CVE-2025-53655 affects Jenkins Statistics Gatherer Plugin versions 2.0.3 and earlier. The root issue is that the AWS Secret Key is stored unencrypted in the global configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml on the Jenkins controller and is not masked in...

5.3CVSS6.5AI score0.00313EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder