CVE-2025-53743Insufficiently Protected Credentials in Jenkins Applitools Eyes

CWE-522Insufficiently Protected Credentials5 documents5 sources
Severity
5.3MEDIUMNVD
EPSS
0.0%
top 86.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Jenkins Applitools EyesJenkins Project Jenkins Applitools Eyes Plugin
Timeline
PublishedJul 9

Description

Jenkins Applitools Eyes Plugin 1.16.5 and earlier does not mask Applitools API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

🔴Vulnerability Details

3
CVEList
CVE-2025-53743: Jenkins Applitools Eyes Plugin 12025-07-09
GHSA
Jenkins Applitools Eyes Plugin vulnerability does not mask API keys on its job configuration form2025-07-09
OSV
Jenkins Applitools Eyes Plugin vulnerability does not mask API keys on its job configuration form2025-07-09

📋Vendor Advisories

1
Jenkins
Jenkins Security Advisory 2025-07-092025-07-09
CVE-2025-53743 — Insufficiently Protected Credentials | cvebase