24 matches found
CVE-2025-64146
CVE-2025-64146 affects the Jenkins Curseforge Publisher Plugin (version 1.0) and older, where API keys are stored unencrypted in job config.xml on the Jenkins controller. This configuration data can be viewed by users with Item/Extended Read permission or by anyone with access to the Jenkins cont...
Jenkins plugin Curseforge Publisher 安全漏洞
Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...
Jenkins Curseforge Publisher Plugin 安全漏洞
Jenkins Curseforge Publisher Plugin is an automated publishing plugin for Jenkins open source. A security vulnerability exists in version 1.0 of the Jenkins Curseforge Publisher Plugin that stems from unencrypted storage of API keys, which could lead to a user viewing the keys via Item or Extende...
PT-2025-44296
Name of the Vulnerable Software and Affected Versions Jenkins Curseforge Publisher Plugin version 1.0 Description The Jenkins Curseforge Publisher Plugin version 1.0 does not mask API Keys displayed on the job configuration form. This increases the potential for attackers to observe and capture...