CVE Vulnerabilities

CVE-2025-53650

Insufficiently Protected Credentials

Published: Jul 09, 2025 | Modified: Jul 18, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Jenkins Credentials Binding Plugin 687.v619cb_15e923f and earlier does not properly mask (i.e., replace with asterisks) credentials present in exception error messages that are written to the build log.

Weakness

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Affected Software

Name Vendor Start Version End Version
Credentials_binding Jenkins * 687.689.v1a_f775332fc (including)

Potential Mitigations

References