CVE-2025-53651
published 2025-07-09CVE-2025-53651: Jenkins HTML Publisher Plugin 425 and earlier displays log messages that include the absolute paths of files archived during the Publish HTML reports…
medium6.3CVSS 3.1
AVNACLPRLUINSUCLILAL
Jenkins HTML Publisher Plugin 425 and earlier displays log messages that include the absolute paths of files archived during the Publish HTML reports post-build step, exposing information about the Jenkins controller file system in the build log.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | apica_loadtest_plugin | — | — |
| jenkins | applitools_eyes_plugin | — | — |
| jenkins | aqua_security_scanner_plugin | — | — |
| jenkins | credentials_binding_plugin | — | — |
| jenkins | git_parameter_plugin | — | — |
| jenkins | html_publisher | < 427 | 427 |
| jenkins | html_publisher_plugin | — | — |
| jenkins | ibm_cloud_devops_plugin | — | — |
| jenkins | ifttt_build_notifier_plugin | — | — |
| jenkins | kryptowire_plugin | — | — |
| jenkins | nouvola_divecloud_plugin | — | — |
| jenkins | qmetry_test_management_plugin | — | — |
| jenkins | readyapi_functional_testing_plugin | — | — |
| jenkins | snitch_plugin | — | — |
| jenkins | statistics_gatherer_plugin | — | — |
| jenkins | testsigma_test_plan_run_plugin | — | — |
| jenkins | user1st_utester_plugin | — | — |
| jenkins | vaddy_plugin | — | — |
| jenkins | warrior_framework_plugin | — | — |
| jenkins | xooa_plugin | — | — |
| jenkins_project | jenkins_html_publisher_plugin | <= 425 | — |