CNNVD-202510-4011 Information

CNNVD ID

CNNVD-202510-4011

Related CVE

CVE-2025-64137

• CNNVD Published: 2025-10-29

Description (Chinese)

Jenkins Themis Plugin是Jenkins开源的一个插件。 Jenkins Themis Plugin 1.4.1及之前版本存在安全漏洞，该漏洞源于缺少权限检查，可能导致攻击者连接至特制HTTP服务器。

Description (English)

Jenkins Themis Plugin is an open-source plugin for Jenkins. There is a security loophole in Jenkins Themis Plugin 1.4.1 and earlier versions, which stems from the lack of access checks and could lead to the attackers connecting to a specially designed HTTP server.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Jenkins

Published

2025-10-29

Last Modified

2026-02-24

References

https://www.jenkins.io/security/advisory/2025-10-29/#SECURITY-3517 https://access.redhat.com/security/cve/cve-2025-64137

Patch

https://www.jenkins.io/security/advisory/2025-10-29/#SECURITY-3517