Security
Headlines

Headlines Latest CVEs

Headline

GHSA-p3f5-98cv-562j: Jenkins is missing a permission check on password fields

A missing permission check in Jenkins 2.540 and earlier, LTS 2.528.2 and earlier allows attackers with View/Read permission to view encrypted password values in views.

1 day ago

#git #java #intel #maven

Skip to content

Navigation Menu

- AI CODE CREATION
  - GitHub CopilotWrite better code with AI
  - GitHub SparkBuild and deploy intelligent apps
  - GitHub ModelsManage and compare prompts
  - MCP RegistryNewIntegrate external tools

View all features

Pricing

Provide feedback

Saved searches****Use saved searches to filter your results more quickly

Sign up

Appearance settings

GitHub Advisory Database
GitHub Reviewed
CVE-2025-67636

Jenkins is missing a permission check on password fields

Moderate severity GitHub Reviewed Published Dec 10, 2025 to the GitHub Advisory Database • Updated Dec 10, 2025

Package

maven org.jenkins-ci.main:jenkins-core (Maven)

Affected versions

>= 2.529, < 2.541

< 2.528.3

Patched versions

2.541

2.528.3

Description

Published to the GitHub Advisory Database

Dec 10, 2025

Last updated

Dec 10, 2025

EPSS score

ghsa: Latest News

GHSA-qgc4-8p88-4w7m: Servify-express rate limit issue

2 hours ago

GHSA-9449-rphm-mjqr: AzuraCast Vulnerable to Pre-Auth File Deletion & Admin RCE

4 hours ago

GHSA-fw33-qpx7-rhx2: Vulnerability discovered in gardenctl versions < v2.12.0

4 hours ago

GHSA-g754-hx8w-x2g6: quic-go HTTP/3 QPACK Header Expansion DoS

4 hours ago

GHSA-8xqm-6fj2-hfgf: PowerJob has a server-side request forgery vulnerability in PingPongUtils.java

5 hours ago