HomeDefault status
unknown
Any version
affected
Description
Jenkins QMetry Test Management Plugin 1.13 and earlier does not mask Qmetry Automation API Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
Product status
Any version
References
www.openwall.com/lists/oss-security/2025/07/09/4
www.jenkins.io/security/advisory/2025-07-09/ (Jenkins Security Advisory 2025-07-09)