1. Home
  2. CVE Database
  3. CVE-2025-64145
MEDIUM · 4.3

CVE-2025-64145

Jenkins ByteGuard Build Actions Plugin 1.0 does not mask API tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.

Vulnerability Description

Jenkins ByteGuard Build Actions Plugin 1.0 does not mask API tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
JenkinsByteguard Build Actions1.0

Related Weaknesses (CWE)

CWE-311

References

FAQ

What is CVE-2025-64145?

CVE-2025-64145 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Jenkins ByteGuard Build Actions Plugin 1.0 does not mask API tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.

How severe is CVE-2025-64145?

CVE-2025-64145 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-64145?

Check the references section above for vendor advisories and patch information. Affected products include: Jenkins Byteguard Build Actions.