Vulnerability Details CVE-2025-64144
Jenkins ByteGuard Build Actions Plugin 1.0 stores API tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission, or access to the Jenkins controller file system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.4%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2025-64144
-
cpe:2.3:a:jenkins:byteguard_build_actions:1.0