Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-53743 | 1 Jenkins | 1 Applitools Eyes | 2025-09-10 | N/A | 5.3 MEDIUM |
| Jenkins Applitools Eyes Plugin 1.16.5 and earlier does not mask Applitools API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them. | |||||
| CVE-2025-53742 | 1 Jenkins | 1 Applitools Eyes | 2025-09-10 | N/A | 6.5 MEDIUM |
| Jenkins Applitools Eyes Plugin 1.16.5 and earlier stores Applitools API keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. | |||||
| CVE-2025-53658 | 1 Jenkins | 1 Applitools Eyes | 2025-07-18 | N/A | 5.4 MEDIUM |
| Jenkins Applitools Eyes Plugin 1.16.5 and earlier does not escape the Applitools URL on the build page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | |||||