2 matches found
au.com.versent.jenkins.plugins:ignore-committer-strategy (>=29.v7c3891a_434c3 <=57.v0756db_b_f6926), com.amazon.jenkins.fleet:ec2-fleet (>=1.0 <=4.2.1.515.v100267825939) +109 more potentially affected by CVE-2025-53650 via org.jenkins-ci.plugins:credentials-binding (>=1.10 <=687.v619cb_15e923f)
org.jenkins-ci.plugins:credentials-binding MAVEN version =1.10, =29.v7c3891a434c3, =1.0, =1.6, =1.4, =1.41.0, =377.vc87a13718939, =57.vde5161ec7aba, =0.17, =60.vce1b19770361, =1.0.43, =1.0.0, =1.27.25 and more Source cves: CVE-2025-53650 Source advisory: OSV:GHSA-9768-HPRV-CRJ5...
CVE-2025-53650
Jenkins Credentials Binding Plugin 687.v619cb15e923f and earlier does not properly mask i.e., replace with asterisks credentials present in exception error messages that are written to the build log...