PT-2025-28902 · Jenkins · Jenkins Credentials Binding Plugin+1
Idofor
+2
·
Published
2025-07-09
·
Updated
2025-07-18
·
CVE-2025-53650
CVSS v3.1
7.3
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions:
Jenkins Credentials Binding Plugin versions 687.v619cb 15e923f and earlier
Description:
The Jenkins Credentials Binding Plugin does not properly mask credentials present in exception error messages written to the build log. This can lead to the exposure of sensitive information.
Recommendations:
Update to Jenkins Credentials Binding Plugin version 687.689.v1a f775332fc9 or later.
Fix
Insufficiently Protected Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Jenkins
Jenkins Credentials Binding Plugin