30 matches found
EUVD-2025-20859
Malicious code in bioql PyPI...
EUVD-2023-32623
Malicious code in bioql PyPI...
EUVD-2025-20860
Malicious code in bioql PyPI...
CVE-2025-53655
Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potential for attackers to observe and capture it...
CVE-2025-53654
Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...
The vulnerability of the Statistics Gatherer plugin in the Jenkins automation server, related to the storage of the AWS secret key in an unencrypted form, allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Statistics Gatherer plugin in the Jenkins automation server relates to the storage of the AWS secret key in an unencrypted form within the configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml. Exploiting this vulnerability could allow a...
Jenkins Statistics Gatherer Plugin does not mask AWS Secret Key
Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml on the Jenkins controller as part of its configuration. This key can be viewed by users with access to th...
GHSA-26X3-7JW5-7MG4 Jenkins Statistics Gatherer Plugin does not mask AWS Secret Key
Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml on the Jenkins controller as part of its configuration. This key can be viewed by users with access to th...
GHSA-3C9F-C64M-H4WC Jenkins Statistics Gatherer Plugin vulnerability exposes AWS Secret Key
Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml on the Jenkins controller as part of its configuration. This key can be viewed by users with access to th...
Jenkins Statistics Gatherer Plugin vulnerability exposes AWS Secret Key
Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml on the Jenkins controller as part of its configuration. This key can be viewed by users with access to th...
Credential Exposure
Overview Affected versions of this package are vulnerable to Credential Exposure in the storage of the AWS Secret Key in the global configuration file on the controller. An attacker can obtain sensitive credentials by accessing the file system where the configuration file is stored. Remediation...
CVE-2025-53654
Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...
CVE-2025-53655
Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potential for attackers to observe and capture it...
CVE-2025-53654
Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...
CVE-2025-53654
Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...
CVE-2025-53655
Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potential for attackers to observe and capture it...
CVE-2025-53654
CVEs and references : CVE-2025-53654 affects Jenkins Statistics Gatherer Plugin (versions 2.0.3 and earlier). The flaw stores the AWS Secret Key unencrypted in the global configuration file on the Jenkins controller, specifically in org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration....
CVE-2025-53654
Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...
CVE-2025-53655
Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potential for attackers to observe and capture it...
CVE-2025-53655
CVE-2025-53655 affects Jenkins Statistics Gatherer Plugin versions 2.0.3 and earlier. The root issue is that the AWS Secret Key is stored unencrypted in the global configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml on the Jenkins controller and is not masked in...