Lucene search
K

11 matches found

Veracode
Veracode
added 2025/12/13 4:22 a.m.6 views

Sensitive Information Disclosure

Jenkins Statistics Gatherer Plugin is vulnerable to Sensitive Information Disclosure. The vulnerability is due to storing the AWS Secret Key in plaintext in the global configuration file, allowing users with access to the Jenkins controller file system to read and misuse the credential...

6.5CVSS6.8AI score0.00354EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2025/12/13 4:19 a.m.6 views

Sensitive Information Disclosure

Jenkins Statistics Gatherer Plugin is vulnerable to Sensitive Information Disclosure. The vulnerability is due to failure to mask the AWS Secret Key in the global configuration UI, allowing attackers with configuration access to view and potentially capture the secret value...

5.3CVSS6.8AI score0.00313EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-20860

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00354EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/11 3:42 p.m.15 views

CVE-2025-53655

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potential for attackers to observe and capture it...

5.3CVSS7.1AI score0.00313EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/11 3:42 p.m.10 views

CVE-2025-53654

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...

6.5CVSS7AI score0.00354EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/07/09 6:30 p.m.9 views

Jenkins Statistics Gatherer Plugin does not mask AWS Secret Key

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml on the Jenkins controller as part of its configuration. This key can be viewed by users with access to th...

5.3CVSS6.2AI score0.00313EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/07/09 6:30 p.m.7 views

Jenkins Statistics Gatherer Plugin vulnerability exposes AWS Secret Key

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file org.jenkins.plugins.statistics.gatherer.StatisticsConfiguration.xml on the Jenkins controller as part of its configuration. This key can be viewed by users with access to th...

6.5CVSS6.2AI score0.00354EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/07/09 4:15 p.m.2 views

CVE-2025-53655

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potential for attackers to observe and capture it...

5.3CVSS5.8AI score0.00313EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.3 views

CVE-2025-53654

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...

7AI score0.00354EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/09 12:0 a.m.4 views

PT-2025-28907 · Jenkins · Jenkins Statistics Gatherer Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Statistics Gatherer Plugin versions 2.0.3 and earlier Description: The Jenkins Statistics Gatherer Plugin does not mask the AWS Secret Key on the global configuration form and stores it unencrypted in the...

5.3CVSS5.8AI score0.00313EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/07/09 12:0 a.m.2 views

PT-2025-28906 · Jenkins · Jenkins Statistics Gatherer Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Statistics Gatherer Plugin versions 2.0.3 and earlier Description: The Jenkins Statistics Gatherer Plugin stores the AWS Secret Key unencrypted in its global configuration file...

6.8CVSS5.8AI score0.00354EPSS
Exploits0References10
Rows per page
Query Builder