CVE-2025-68698 Jervis has an RSA PKCS#1 v1.5 Padding Vulnerability

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses PKCS1Encoding which is vulnerable to Bleichenbacher padding oracle attacks. Modern systems should use OAEP Optimal Asymmetric Encryption Padding. This vulnerability is fixed in 2.2...

CVE-2025-68698 Jervis has an RSA PKCS#1 v1.5 Padding Vulnerability

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses PKCS1Encoding which is vulnerable to Bleichenbacher padding oracle attacks. Modern systems should use OAEP Optimal Asymmetric Encryption Padding. This vulnerability is fixed in 2.2...

CVE-2025-68698

CVE-2025-68698 affects the Jervis library (used by Jenkins Job DSL scripts and shared pipelines). Before version 2.2, Jervis uses PKCS1Encoding, making it vulnerable to Bleichenbacher padding oracle attacks. The issue is mitigated by upgrading to Jervis 2.2 or newer, which switches to OAEP paddin...

CVE-2025-68698 Jervis has an RSA PKCS#1 v1.5 Padding Vulnerability

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses PKCS1Encoding which is vulnerable to Bleichenbacher padding oracle attacks. Modern systems should use OAEP Optimal Asymmetric Encryption Padding. This vulnerability is fixed in 2.2...

Use of a Broken or Risky Cryptographic Algorithm

Overview net.gleske:jervis is a Self service Jenkins job generation using Jenkins Job DSL plugin groovy scripts. Reads .jervis.yml and generates a job in Jenkins. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the AES/CBC/PKCS5Padding...

Jervis's AES CBC Mode is Without Authentication

Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL682-L684...

GHSA-GXP5-MV27-VJCJ Jervis's AES CBC Mode is Without Authentication

Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL682-L684...

Jervis Has a SHA-256 Hex String Padding Bug

Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL622-L626 padLeft32, '0' should be padLeft64, '0'. SHA-256 produces 32 bytes = 64 hex characters. Impact Inconsistent hash lengths when leadi...

Use of a Broken or Risky Cryptographic Algorithm

Overview net.gleske:jervis is a Self service Jenkins job generation using Jenkins Job DSL plugin groovy scripts. Reads .jervis.yml and generates a job in Jenkins. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to improper padding of SHA-25...

GHSA-67RJ-PJG6-PQ59 Jervis Has a SHA-256 Hex String Padding Bug

Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL622-L626 padLeft32, '0' should be padLeft64, '0'. SHA-256 produces 32 bytes = 64 hex characters. Impact Inconsistent hash lengths when leadi...

Use of a Broken or Risky Cryptographic Algorithm

Overview net.gleske:jervis is a Self service Jenkins job generation using Jenkins Job DSL plugin groovy scripts. Reads .jervis.yml and generates a job in Jenkins. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the PKCS1Encoding function. A...

Jervis Has a RSA PKCS#1 Padding Vulnerability

Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL463-L465...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: sched: actconnmark: Initialize struct tcife to prevent kernel leaks. In tcfconnmarkdump, the variable ‘opt’ was partially initialized using a specified initializer. As a result, the padding bytes remained uninitialized. The...

PT-2026-2557

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, AES/CBC/PKCS5Padding lacks authentication, making it vulnerable to padding oracle attacks and ciphertext manipulation. This vulnerability is fixed in 2.2...

Jervis 加密问题漏洞

Jervis is an automation tool from the personal developer Sam Gleske. A vulnerability in cryptographic issues exists in versions prior to Jervis 2.2, which stems from the use of PKCS1Encoding encryption that is vulnerable to the Bleichenbacher padding prediction attack...

Jervis 加密问题漏洞

Jervis is an automation tool from the personal developer Sam Gleske. A cryptographic issue vulnerability exists in versions prior to Jervis 2.2 that stems from processing SHA-256 output using padLeft32, 0 instead of padLeft64, 0, which may result in a hexadecimal representation error...

Jervis 加密问题漏洞

Jervis is an automation tool from the personal developer Sam Gleske. Versions of Jervis prior to 2.2 suffer from a cryptographic issue vulnerability that stems from the lack of authentication in AES/CBC/PKCS5Padding, which makes it susceptible to padded predicate attacks and ciphertext manipulati...

MiracleLinux 7 : nettle-2.7.1-9.0.1.el7.AXS7 (AXSA:2025-10914:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10914:02 advisory. Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languages C++, Python,...

PT-2026-2495

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses padLeft32, '0' when it should use padLeft64, '0' because SHA-256 produces 32 bytes which equates to 64 hex characters. This vulnerability is fixed in 2.2...

PT-2026-2493

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses PKCS1Encoding which is vulnerable to Bleichenbacher padding oracle attacks. Modern systems should use OAEP Optimal Asymmetric Encryption Padding. This vulnerability is fixed in 2.2...