CVE-2025-64147

Jenkins Curseforge Publisher Plugin 1.0 does not mask API Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.

Published Oct 30, 2025

https://github.com/advisories/GHSA-hv42-crpx-q355

CVSS ScoreMedium

4.3

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-64147

Jenkins Curseforge Publisher Plugin 1.0 does not mask API Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.

Published Oct 30, 2025

https://github.com/advisories/GHSA-hv42-crpx-q355

CVSS ScoreMedium

4.3


maven	org.jenkins-ci.plugins/curseforge-publisher	1.0

Ecosystem	Package	Version


maven	org.jenkins-ci.plugins/curseforge-publisher	1.0

Find vulnerabilities. Fix fast with AI.

CVE-2025-64147

CVE-2025-64147