Количество 2
Количество 2
CVE-2025-68703
26 дней назад
Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, the salt is derived from sha256Sum(passphrase). Two encryption operations with the same password will have the same derived key. This vulnerability is fixed in 2.2.
CVSS3: 7.5
EPSS: Низкий
GHSA-36h5-vrq6-pp34
26 дней назад
Jervis's Salt for PBKDF2 derived from password
CVSS3: 7.5
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-68703 Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, the salt is derived from sha256Sum(passphrase). Two encryption operations with the same password will have the same derived key. This vulnerability is fixed in 2.2. | CVSS3: 7.5 | 0% Низкий | 26 дней назад |
| GHSA-36h5-vrq6-pp34 Jervis's Salt for PBKDF2 derived from password | CVSS3: 7.5 | 0% Низкий | 26 дней назад |
Уязвимостей на страницу
20