CVE-2025-53650

CWE-522 — Insufficiently Protected Credentials CWE-7795 documents5 sources

Severity

7.3HIGH

EPSS

0.1%

top 76.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Jenkins Project Jenkins Credentials Binding Plugin Jenkins Credentials Binding

Timeline

PublishedJul 9

Description

Jenkins Credentials Binding Plugin 687.v619cb_15e923f and earlier does not properly mask (i.e., replace with asterisks) credentials present in exception error messages that are written to the build log.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 3.9 | Impact: 3.4

Affected Packages3 packages

▶Mavenorg.jenkins-ci.plugins:credentials-binding< 687.689.v1a

▶CVEListV5jenkins_project/jenkins_credentials_binding_plugin687.v619cb_15e923f

▶NVDjenkins/credentials_binding687.689.v1a_f775332fc

🔴Vulnerability Details

OSV

Jenkins Credentials Binding Plugin vulnerability can expose sensitive information in logger messages↗2025-07-09

▶

GHSA

Jenkins Credentials Binding Plugin vulnerability can expose sensitive information in logger messages↗2025-07-09

▶

CVEList

CVE-2025-53650: Jenkins Credentials Binding Plugin 687↗2025-07-09

▶

📋Vendor Advisories

Jenkins

Jenkins Security Advisory 2025-07-09↗2025-07-09

▶