CVE-2025-64136

The vulnerability CVE-2025-64136 affects Jenkins Themis Plugin versions 1.4.1 and earlier. Root cause: a cross-site request forgery (CSRF) flaw due to lack of permission checks in an HTTP endpoint, allowing an attacker with Overall/Read permission to trigger requests to an attacker-specified URL/...

PT-2025-44285

Name of the Vulnerable Software and Affected Versions Jenkins Themis Plugin versions 1.4.1 and earlier Description A cross-site request forgery CSRF issue exists in Jenkins Themis Plugin. This allows attackers to potentially connect to an HTTP server specified by the attacker. A CSRF attack...

PT-2025-44286

Name of the Vulnerable Software and Affected Versions Jenkins Themis Plugin versions 1.4.1 and earlier Description A flaw exists in the Jenkins Themis Plugin where a missing permission check allows attackers possessing Overall/Read permission to establish a connection to a HTTP server specified b...

Jenkins plugin Themis 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

Jenkins Themis Plugin 安全漏洞

Jenkins Themis Plugin is an open source plugin for Jenkins. A security vulnerability exists in Jenkins Themis Plugin 1.4.1 and earlier versions, which stems from a lack of privilege checking and could allow an attacker to connect to a specially crafted HTTP server...