CVE-2025-31728

Jenkins AsakusaSatellite Plugin 0.1.1 and earlier does not mask AsakusaSatellite API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
Configurations

No configuration.

History

03 Apr 2025, 21:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CWE CWE-549
Summary
  • (es) Jenkins AsakusaSatellite Plugin 0.1.1 y versiones anteriores no enmascaran las claves de API de AsakusaSatellite que se muestran en el formulario de configuraciĆ³n del trabajo, lo que aumenta la posibilidad de que los atacantes las observen y capturen.

02 Apr 2025, 15:16

Type Values Removed Values Added
New CVE

Information

Published : 2025-04-02 15:16

Updated : 2025-04-03 21:15


NVD link : CVE-2025-31728

Mitre link : CVE-2025-31728

CVE.ORG link : CVE-2025-31728


JSON object : View

Products Affected

No product.

CWE
CWE-549

Missing Password Field Masking