CVE-2025-68925 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, the code doesn't validate that the JWT header specifies "alg…
Medium CVSS: 6.9

CVE-2025-68925

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, the code doesn't validate that the JWT header specifies "alg":"RS256". This vulnerability is fixed in 2.2.
Vendor
Samrocketman
Product
Jervis
CWE
CWE-347
Yayın Tarihi
2026-01-13 20:16:07
Güncelleme
2026-01-20 17:37:26
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-347 Jervis MEDIUM Samrocketman 2026

Referanslar

https://github.com/samrocketman/jervis/commit/c3981ff71de7b0f767dfe7b37a2372cb2a51974a https://github.com/samrocketman/jervis/security/advisories/GHSA-5pq9-5mpr-jj85