Jenkins Vaddy
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Jenkins Vaddy.
By the Year
In 2025 there have been 2 vulnerabilities in Jenkins Vaddy with an average score of 5.4 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 2 | 5.40 |
It may take a day or so for new Vaddy vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Vaddy Security Vulnerabilities
Jenkins VAddy Plugin <=1.2.8: Auth Keys Exposed in UI (Info Disclosure)
CVE-2025-53669
4.3 - Medium
- July 09, 2025
Jenkins VAddy Plugin 1.2.8 and earlier does not mask Vaddy API Auth Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
Unprotected Storage of Credentials
Jenkins VAddy Plugin 1.2.8-: Unencrypted API Keys Stored in Config XML
CVE-2025-53668
6.5 - Medium
- July 09, 2025
Jenkins VAddy Plugin 1.2.8 and earlier stores Vaddy API Auth Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.
Missing Encryption of Sensitive Data
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Vaddy or by Jenkins? Click the Watch button to subscribe.
