2 results (0.001 seconds)
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31728
https://notcve.org/view.php?id=CVE-2025-31728
02 Apr 2025 — Jenkins AsakusaSatellite Plugin 0.1.1 and earlier does not mask AsakusaSatellite API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them. • https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3523 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31727
https://notcve.org/view.php?id=CVE-2025-31727
02 Apr 2025 — Jenkins AsakusaSatellite Plugin 0.1.1 and earlier stores AsakusaSatellite API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. • https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3523 •