6 matches found
CVE-2025-67635 vulnerabilities
Vulnerabilities for packages: jenkins...
Jenkins < 2.319.2, < 2.330 Multiple Vulnerabilities - Windows
Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:jenkins:jenkins"; ifdescription...
appscanstandard-integration:ibm-security-appscanstandard-scanner (>=1.0 <=2.8), au.com.versent.jenkins.plugins:ignore-committer-strategy (>=55.v51410e712e0c <=57.v0756db_b_f6926) +625 more potentially affected by CVE-2025-67635 via org.jenkins-ci.main:cli (>=2.0 <=2.528.2)
org.jenkins-ci.main:cli MAVEN version =2.0, =1.0, =55.v51410e712e0c, =4.1.0.506.v619d63bec9d8, =66.v12c841920f7d, =109.v2c51a117a7b4, =1.155.v3d884c1bdee1, =1.281.v331e3f5a05a9, =4050.v8ba69b587c39, =4050.v8ba69b587c39, =1.0.5, =2.0.0, =2.0, =1.0.2, =1.0.0, =1.0.6 and more Source cves: CVE-20...
appscanstandard-integration:ibm-security-appscanstandard-scanner (>=1.0 <=2.8), au.com.versent.jenkins.plugins:ignore-committer-strategy (>=55.v51410e712e0c <=57.v0756db_b_f6926) +626 more potentially affected by CVE-2025-67635 via org.jenkins-ci.main:jenkins-core (>=2.0 <=2.528.2)
org.jenkins-ci.main:jenkins-core MAVEN version =2.0, =1.0, =55.v51410e712e0c, =4.1.0.506.v619d63bec9d8, =66.v12c841920f7d, =109.v2c51a117a7b4, =1.155.v3d884c1bdee1, =1.281.v331e3f5a05a9, =4050.v8ba69b587c39, =4050.v8ba69b587c39, =1.0.5, =2.0.0, =2.0, =1.0.2, =1.0.0, =1.0.6 and more So...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1890 more potentially affected by CVE-2025-67635 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.528.2)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =55.v51410e712e0c, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.23 and more Source cves: CVE-2025-67635 Source advisory: OSV:GHSA-9P56-P6MW-W8QC...
CVE-2025-67635
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI connections when the connection stream becomes corrupted, allowing unauthenticated attackers to cause a denial of service...