Jenkins QMetry Test Management Plugin 1.13 and earlier does not mask Qmetry Automation API Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
Metrics
Affected Vendors & Products
References
History
Wed, 09 Jul 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-256 CWE-522 |
|
Metrics |
cvssV3_1
|
Wed, 09 Jul 2025 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Jenkins QMetry Test Management Plugin 1.13 and earlier does not mask Qmetry Automation API Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them. | |
References |
|

Status: PUBLISHED
Assigner: jenkins
Published: 2025-07-09T15:39:32.515Z
Updated: 2025-07-09T19:14:51.404Z
Reserved: 2025-07-08T07:51:59.762Z
Link: CVE-2025-53660

Updated: 2025-07-09T18:49:42.152Z

Status : Awaiting Analysis
Published: 2025-07-09T16:15:25.433
Modified: 2025-07-10T13:17:30.017
Link: CVE-2025-53660

No data.