CVE-2025-53650

HIGH

Jenkins Credentials Binding Plugin <687.v619cb_15e923f - Info Discl...

Title source: llm
STIX 2.1

Description

Jenkins Credentials Binding Plugin 687.v619cb_15e923f and earlier does not properly mask (i.e., replace with asterisks) credentials present in exception error messages that are written to the build log.

References (2)

Scores

CVSS v3 7.3
EPSS 0.0007
EPSS Percentile 20.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-522
Status published
Products (2)
jenkins/credentials_binding < 687.689.v1a_f775332fc
org.jenkins-ci.plugins/credentials-binding 0 - 687.689.v1aMaven
Published Jul 09, 2025
Tracked Since Feb 18, 2026