CVE-2025-53666

None

Description

Jenkins Dead Man's Snitch Plugin 0.1 stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.

INFO

Published Date :

2025-07-09T15:39:36.057Z

Last Modified :

2025-11-04T21:12:16.117Z

Source :

jenkins

AFFECTED PRODUCTS

The following products are affected by CVE-2025-53666 vulnerability.

Vendors	Products
Jenkins	Dead Man\'s Snitch

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-53666.

URL	Resource
http://www.openwall.com/lists/oss-security/2025/07/09/4
https://www.jenkins.io/security/advisory/2025-07-09/#SECURITY-3524

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact