Lucene search
+L

24 matches found

CVE
CVE
added 2025/10/29 1:29 p.m.23 views

CVE-2025-64146

CVE-2025-64146 affects the Jenkins Curseforge Publisher Plugin (version 1.0) and older, where API keys are stored unencrypted in job config.xml on the Jenkins controller. This configuration data can be viewed by users with Item/Extended Read permission or by anyone with access to the Jenkins cont...

4.3CVSS6.5AI score0.00158EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.5 views

Jenkins plugin Curseforge Publisher 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

4.3CVSS6.4AI score0.00237EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.10 views

Jenkins Curseforge Publisher Plugin 安全漏洞

Jenkins Curseforge Publisher Plugin is an automated publishing plugin for Jenkins open source. A security vulnerability exists in version 1.0 of the Jenkins Curseforge Publisher Plugin that stems from unencrypted storage of API keys, which could lead to a user viewing the keys via Item or Extende...

4.3CVSS6.4AI score0.00158EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.13 views

PT-2025-44296

Name of the Vulnerable Software and Affected Versions Jenkins Curseforge Publisher Plugin version 1.0 Description The Jenkins Curseforge Publisher Plugin version 1.0 does not mask API Keys displayed on the job configuration form. This increases the potential for attackers to observe and capture...

4.3CVSS6.7AI score0.00237EPSS
Exploits0References6
Rows per page
Query Builder