CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-53655

Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potential for attackers to observe and capture it.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.8%

CVSS Severity

CVSS v3 Score 5.3

References

https://www.jenkins.io/security/advisory/2025-07-09/#SECURITY-3554

Products affected by CVE-2025-53655

Jenkins » Statistics Gatherer » Version: 1.0.1

cpe:2.3:a:jenkins:statistics_gatherer:1.0.1
Jenkins » Statistics Gatherer » Version: 1.1.0

cpe:2.3:a:jenkins:statistics_gatherer:1.1.0
Jenkins » Statistics Gatherer » Version: 1.1.1

cpe:2.3:a:jenkins:statistics_gatherer:1.1.1
Jenkins » Statistics Gatherer » Version: 1.1.2

cpe:2.3:a:jenkins:statistics_gatherer:1.1.2
Jenkins » Statistics Gatherer » Version: 1.1.3

cpe:2.3:a:jenkins:statistics_gatherer:1.1.3
Jenkins » Statistics Gatherer » Version: 2.0

cpe:2.3:a:jenkins:statistics_gatherer:2.0
Jenkins » Statistics Gatherer » Version: 2.0.1

cpe:2.3:a:jenkins:statistics_gatherer:2.0.1
Jenkins » Statistics Gatherer » Version: 2.0.2

cpe:2.3:a:jenkins:statistics_gatherer:2.0.2
Jenkins » Statistics Gatherer » Version: 2.0.3

cpe:2.3:a:jenkins:statistics_gatherer:2.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-53655

Products

Pricing

Contact Us