CNNVD-202507-1316 Information

CNNVD ID

CNNVD-202507-1316

Related CVE

CVE-2025-53650

• CNNVD Published: 2025-07-09

Description (Chinese)

Jenkins和Jenkins plugin都是Jenkins开源的产品。Jenkins是一个应用软件。一个开源自动化服务器Jenkins提供了数百个插件来支持构建，部署和自动化任何项目。Jenkins plugin是一个应用软件插件。 Jenkins plugin Credentials Binding 687.v619cb_15e923f之前版本存在安全漏洞，该漏洞源于凭据未正确屏蔽，可能导致凭据泄露。

Description (English)

Jenkins and Jenkins plugin are all Jenkins open-source products. Jenkins is an application. Jenkins, an open-source automated server, provided hundreds of plugins to support construction, deployment and automation of any project. Jenkins plugin is an application plugin. There was a security loophole in the pre-version of Jenkins pugin Credentials Binding 687.v619cb 15e923f, which stemmed from the fact that the evidence was not correctly shielded and could lead to its disclosure.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Jenkins

Published

2025-07-09

Last Modified

2026-02-24

References

https://www.jenkins.io/security/advisory/2025-07-09/#SECURITY-3499 https://vigilance.fr/vulnerability/Jenkins-Plugins-multiple-vulnerabilities-dated-09-07-2025-47671

Patch

https://www.jenkins.io/security/advisory/2025-07-09/#SECURITY-3499