CVE-2025-0142

Cleartext storage of sensitive information in the Zoom Jenkins Marketplace plugin before version 1.4 may allow an authenticated user to conduct a disclosure of information via network access.

Published: Jan 30, 2025
Updated: Jun 30, 2025
CVE: CVE-2025-0142
GHSA: GHSA-jx45-xp6q-cwjc
Severity: Medium
Exploit:

CVSS v3:

Severity: Unknown
Score:
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-312

OWASP TOP 10:

A3 - Sensitive Data Exposure

Affected Software
References

Software	From	Fixed in
io.jenkins.plugins / zoom	-	1.4

https://www.zoom.com/en/trust/security-bulletin/zsb-25001
https://www.zoom.com/en/trust/security-bulletin/zsb-25001/

Vulnerability Database

289,784

CVE-2025-0142