Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-53671

Jenkins Nouvola DiveCloud Plugin 1.08 and earlier does not mask DiveCloud API Keys and Credentials Encryption Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.

Published

2025-07-09T16:15:26.600

Last Modified

2025-07-10T13:17:30.017

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-256
CWE-522

Affected Vendors & Products

References

https://www.jenkins.io/security/advisory/2025-07-09/#SECURITY-3526 ([email protected])