Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Snyk
Snykadded 2026/01/13 2:56 p.m.2 views

Use of a Broken or Risky Cryptographic Algorithm

Overview net.gleske:jervis is a Self service Jenkins job generation using Jenkins Job DSL plugin groovy scripts. Reads .jervis.yml and generates a job in Jenkins. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the AES/CBC/PKCS5Padding...

8.7CVSS7AI score0.00172EPSS
Exploits0References2
Snyk
Snykadded 2026/01/13 2:56 p.m.4 views

Improper Verification of Cryptographic Signature

Overview net.gleske:jervis is a Self service Jenkins job generation using Jenkins Job DSL plugin groovy scripts. Reads .jervis.yml and generates a job in Jenkins. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the JWT verification process. ...

6.9CVSS6.8AI score0.00128EPSS
Exploits0References2
OSV
OSVadded 2026/01/13 2:56 p.m.3 views

GHSA-5PQ9-5MPR-JJ85 Jervis Has a JWT Algorithm Confusion Vulnerability

Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL244-L249 The code doesn't validate that the JWT header specifies "alg":"RS256". Impact Depending on the broader system, this could allow JWT...

6.9CVSS6.9AI score0.00128EPSS
Exploits0References6
Snyk
Snykadded 2026/01/13 2:28 p.m.3 views

Use of a Broken or Risky Cryptographic Algorithm

Overview net.gleske:jervis is a Self service Jenkins job generation using Jenkins Job DSL plugin groovy scripts. Reads .jervis.yml and generates a job in Jenkins. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the PKCS1Encoding function. A...

8.7CVSS6.8AI score0.00128EPSS
Exploits0References2
Github Security Blog
Github Security Blogadded 2026/01/13 2:28 p.m.9 views

Jervis Has a RSA PKCS#1 Padding Vulnerability

Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL463-L465...

8.7CVSS6.9AI score0.00128EPSS
Exploits0References6Affected Software1
CNNVD
CNNVDadded 2026/01/13 12:0 a.m.4 views

Jervis 加密问题漏洞

Jervis is an automation tool from the individual developer Sam Gleske. A cryptographic issue vulnerability exists in versions prior to Jervis 2.2 that stems from the SHA-256 and derived salt values from a passphrase, resulting in the same key being generated for the same passphrase...

8.7CVSS5.8AI score0.00116EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/01/13 12:0 a.m.5 views

Jervis 安全漏洞

Jervis is an automation tool from the individual developer Sam Gleske. A security vulnerability exists in versions prior to Jervis 2.2 that stems from the deterministic derivation of AES IV from passwords, which could lead to cryptographic vulnerabilities...

8.7CVSS5.8AI score0.00202EPSS
Exploits0References3
Rows per page
Query Builder