Skip to main content

Credentials Binding

5 CVEs product

Monthly

CVE-2025-53650 Maven HIGH PATCH This Week

Jenkins Credentials Binding Plugin 687.v619cb_15e923f and earlier does not properly mask (i.e., replace with asterisks) credentials present in exception error messages that are written to the build log.

Information Disclosure Jenkins Credentials Binding
NVD GitHub
CVSS 3.1
7.3
EPSS
0.1%
CVE-2020-2182 Maven MEDIUM PATCH This Month

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets containing a `$` character in some circumstances. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Credentials Binding
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2020-2181 Maven MEDIUM PATCH This Month

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets in the build log when the build contains no build steps. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Credentials Binding
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2019-1010241 Maven MEDIUM POC This Month

Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Jenkins Information Disclosure Credentials Binding
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2018-1000057 Maven MEDIUM PATCH This Month

Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it provides to build processes in their build logs. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Credentials Binding
NVD
CVSS 3.0
4.3
EPSS
0.7%
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Jenkins Credentials Binding Plugin 687.v619cb_15e923f and earlier does not properly mask (i.e., replace with asterisks) credentials present in exception error messages that are written to the build log.

Information Disclosure Jenkins Credentials Binding
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets containing a `$` character in some circumstances. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Credentials Binding
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets in the build log when the build contains no build steps. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Credentials Binding
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Jenkins Information Disclosure Credentials Binding
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it provides to build processes in their build logs. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Credentials Binding
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy