Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-53651

Jenkins HTML Publisher Plugin 425 and earlier displays log messages that include the absolute paths of files archived during the Publish HTML reports post-build step, exposing information about the Jenkins controller file system in the build log.

Published

2025-07-09T16:15:24.513

Last Modified

2025-07-18T18:02:43.727

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-36

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	jenkins	html_publisher	< 427	Yes

References

https://www.jenkins.io/security/advisory/2025-07-09/#SECURITY-3547 Vendor Advisory ([email protected])