CNNVD-202510-4007 Information

CNNVD ID

CNNVD-202510-4007

Related CVE

CVE-2025-64139

• CNNVD Published: 2025-10-29

Description (Chinese)

Jenkins Start Windocks Containers Plugin是Jenkins开源的一个链接WinDocks主机的插件。 Jenkins Start Windocks Containers Plugin 1.4及之前版本存在安全漏洞，该漏洞源于缺少权限检查，可能导致攻击者连接至任意URL。

Description (English)

Jenkins Star Windows Contractors Plugin is a link to the WinDocks mainframe of Jenkins Open Source. There is a security loophole in Jenkins Start Windows Consortiums Plugin 1.4 and earlier versions, which stems from a lack of access checks, which may lead to the attackers connecting to any URL.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Jenkins

Published

2025-10-29

Last Modified

2026-02-24

References

https://www.jenkins.io/security/advisory/2025-10-29/#SECURITY-3531 https://access.redhat.com/security/cve/cve-2025-64139

Patch

https://www.jenkins.io/security/advisory/2025-10-29/#SECURITY-3531