CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

EUVD•added 2025/10/29 3:31 p.m.•3 views

EUVD-2025-36646

Jenkins Curseforge Publisher Plugin does not mask API Keys displayed on the job configuration form...

4.3CVSS6.4AI score0.0002EPSS

Exploits0References3

OSV•added 2025/10/29 3:31 p.m.•5 views

GHSA-23VJ-J6JC-W892 Jenkins Curseforge Publisher Plugin stores API Keys unencrypted in job config.xml files

Jenkins Curseforge Publisher Plugin 1.0 and earlier stores API Keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally, the j...

4.3CVSS6.8AI score0.0003EPSS

Exploits0References4

NVD•added 2025/10/29 2:15 p.m.•2 views

CVE-2025-64146

Jenkins Curseforge Publisher Plugin 1.0 stores API Keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission, or access to the Jenkins controller file system...

4.3CVSS0.0003EPSS

Exploits0References2

OSV•added 2025/10/29 2:15 p.m.•1 views

CVE-2025-64147

Jenkins Curseforge Publisher Plugin 1.0 does not mask API Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

4.3CVSS5.8AI score

Exploits0References2

Cvelist•added 2025/10/29 1:29 p.m.•4 views

CVE-2025-64147

Jenkins Curseforge Publisher Plugin 1.0 does not mask API Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

0.0002EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by