FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jenkins -- multiple vulnerabilities

Affected packages
jenkins < 2.528
jenkins-lts < 2.516.3

Details

VuXML ID b9b668f0-96ec-4568-b618-2edea45d6933
Discovery 2025-09-17
Entry 2025-09-17

Jenkins Security Advisory:

Description

(High) SECURITY-3618 / CVE-2025-5115

HTTP/2 denial of service vulnerability in bundled Jetty

(Medium) SECURITY-3594 / CVE-2025-59474

Missing permission check allows obtaining agent names

(Medium) SECURITY-3625 / CVE-2025-59475

Missing permission check in authenticated users' profile menu

(Medium) SECURITY-3424 / CVE-2025-59476

Log message injection vulnerability

[source]

References

CVE Name CVE-2025-5115
CVE Name CVE-2025-59474
CVE Name CVE-2025-59475
CVE Name CVE-2025-59476
URL https://www.jenkins.io/security/advisory/2025-09-17/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.