← voltar
CVE-2025-67638

CVE-2025-67638

CVSS 4.3 MEDIUMEPSS 0.1%CWE-312
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
Jenkins Project · Jenkins

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.jenkins.io/security/advisory/2025-12-10/#SECURITY-783