PT-2026-2495

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses padLeft32, '0' when it should use padLeft64, '0' because SHA-256 produces 32 bytes which equates to 64 hex characters. This vulnerability is fixed in 2.2...

MAL-2025-17200 Malicious code in cluster-nextjs-html-webpack-plugin-scripts (npm)

The package cluster-nextjs-html-webpack-plugin-scripts was found to contain malicious code...

PT-2019-11868 · Jenkins · Jenkins Global Post Script Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Global Post Script Plugin affected versions not specified Description: The issue is related to a missing permission check in the Jenkins Global Post Script Plugin. This allows users with Overall/Read access to list the scripts availab...