Jenkins · Jenkins Credentials Binding Plugin · CVE-2025-53650
Name of the Vulnerable Software and Affected Versions:
Jenkins Credentials Binding Plugin versions 687.v619cb 15e923f and earlier
Description:
The Jenkins Credentials Binding Plugin does not properly mask credentials present in exception error messages written to the build log. This can lead to the exposure of sensitive information.
Recommendations:
Update to Jenkins Credentials Binding Plugin version 687.689.v1a f775332fc9 or later.