Security
Headlines

Headlines Latest CVEs

Headline

GHSA-qxh4-j39m-qfx4: Jenkins Redpen - Pipeline Reporter for Jira Plugin has a path traversal vulnerability

Jenkins Redpen - Pipeline Reporter for Jira Plugin 1.054.v7b_9517b_6b_202 and earlier does not correctly perform path validation of the workspace directory while uploading artifacts to Jira, allowing attackers with Item/Configure permission to retrieve files present on the Jenkins controller workspace directory.

1 day ago

#vulnerability #git #java #intel #jira #maven

Skip to content

Navigation Menu

- AI CODE CREATION
  - GitHub CopilotWrite better code with AI
  - GitHub SparkBuild and deploy intelligent apps
  - GitHub ModelsManage and compare prompts
  - MCP RegistryNewIntegrate external tools

View all features

Pricing

Provide feedback

Saved searches****Use saved searches to filter your results more quickly

Sign up

Appearance settings

GitHub Advisory Database
GitHub Reviewed
CVE-2025-67643

Jenkins Redpen - Pipeline Reporter for Jira Plugin has a path traversal vulnerability

Moderate severity GitHub Reviewed Published Dec 10, 2025 to the GitHub Advisory Database • Updated Dec 10, 2025

Package

maven org.jenkinsci.plugins:pipeline-reporter-by-redpen (Maven)

Affected versions

<= 1.054

Description

Published to the GitHub Advisory Database

Dec 10, 2025

Last updated

Dec 10, 2025

EPSS score

ghsa: Latest News

GHSA-qgc4-8p88-4w7m: Servify-express rate limit issue

4 hours ago

GHSA-9449-rphm-mjqr: AzuraCast Vulnerable to Pre-Auth File Deletion & Admin RCE

5 hours ago

GHSA-fw33-qpx7-rhx2: Vulnerability discovered in gardenctl versions < v2.12.0

6 hours ago

GHSA-g754-hx8w-x2g6: quic-go HTTP/3 QPACK Header Expansion DoS

6 hours ago

GHSA-8xqm-6fj2-hfgf: PowerJob has a server-side request forgery vulnerability in PingPongUtils.java

7 hours ago