Vulnerability-Lookup

WID-SEC-W-2025-1966

Vulnerability from csaf_certbund - Published: 2025-09-03 22:00 - Updated: 2025-09-03 22:00

Summary

Jenkins Plugins: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterstützung bei Softwareentwicklungen aller Art.

Angriff

Ein entfernter authentisierter Angreifer kann mehrere Schwachstellen in Jenkins-Plugins ausnutzen, um Informationen offenzulegen, Sicherheitsmaßnahmen zu umgehen und Daten zu manipulieren.

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "niedrig"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterst\u00fctzung bei Softwareentwicklungen aller Art.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter authentisierter Angreifer kann mehrere Schwachstellen in Jenkins-Plugins ausnutzen, um Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen und Daten zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1966 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1966.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1966 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1966"
      },
      {
        "category": "external",
        "summary": "Jenkins Security Advisory 2025-09-03 vom 2025-09-03",
        "url": "https://www.jenkins.io/security/advisory/2025-09-03/"
      }
    ],
    "source_lang": "en-US",
    "title": "Jenkins Plugins: Mehrere Schwachstellen erm\u00f6glichen Offenlegung von Informationen",
    "tracking": {
      "current_release_date": "2025-09-03T22:00:00.000+00:00",
      "generator": {
        "date": "2025-09-04T10:41:05.228+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-1966",
      "initial_release_date": "2025-09-03T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-09-03T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Git client Plugin \u003c6.3.3",
                "product": {
                  "name": "Jenkins Jenkins Git client Plugin \u003c6.3.3",
                  "product_id": "T046709"
                }
              },
              {
                "category": "product_version",
                "name": "Git client Plugin 6.3.3",
                "product": {
                  "name": "Jenkins Jenkins Git client Plugin 6.3.3",
                  "product_id": "T046709-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cloudbees:jenkins:git_client_plugin__6.3.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "global-build-stats Plugin \u003c347.v32a_eb_0493c4f",
                "product": {
                  "name": "Jenkins Jenkins global-build-stats Plugin \u003c347.v32a_eb_0493c4f",
                  "product_id": "T046710"
                }
              },
              {
                "category": "product_version",
                "name": "global-build-stats Plugin 347.v32a_eb_0493c4f",
                "product": {
                  "name": "Jenkins Jenkins global-build-stats Plugin 347.v32a_eb_0493c4f",
                  "product_id": "T046710-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cloudbees:jenkins:global-build-stats_plugin__347.v32a_eb_0493c4f"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Jakarta Mail API Plugin \u003c2.1.3-3",
                "product": {
                  "name": "Jenkins Jenkins Jakarta Mail API Plugin \u003c2.1.3-3",
                  "product_id": "T046711"
                }
              },
              {
                "category": "product_version",
                "name": "Jakarta Mail API Plugin 2.1.3-3",
                "product": {
                  "name": "Jenkins Jenkins Jakarta Mail API Plugin 2.1.3-3",
                  "product_id": "T046711-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cloudbees:jenkins:jakarta_mail_api_plugin__2.1.3-3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "OpenTelemetry Plugin \u003c3.1543.1545.vf5a_4ec123769",
                "product": {
                  "name": "Jenkins Jenkins OpenTelemetry Plugin \u003c3.1543.1545.vf5a_4ec123769",
                  "product_id": "T046712"
                }
              },
              {
                "category": "product_version",
                "name": "OpenTelemetry Plugin 3.1543.1545.vf5a_4ec123769",
                "product": {
                  "name": "Jenkins Jenkins OpenTelemetry Plugin 3.1543.1545.vf5a_4ec123769",
                  "product_id": "T046712-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cloudbees:jenkins:opentelemetry_plugin__3.1543.1545.vf5a_4ec123769"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Jenkins"
          }
        ],
        "category": "vendor",
        "name": "Jenkins"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-58458",
      "product_status": {
        "known_affected": [
          "T046709"
        ]
      },
      "release_date": "2025-09-03T22:00:00.000+00:00",
      "title": "CVE-2025-58458"
    },
    {
      "cve": "CVE-2025-58459",
      "product_status": {
        "known_affected": [
          "T046710"
        ]
      },
      "release_date": "2025-09-03T22:00:00.000+00:00",
      "title": "CVE-2025-58459"
    },
    {
      "cve": "CVE-2025-58460",
      "product_status": {
        "known_affected": [
          "T046712"
        ]
      },
      "release_date": "2025-09-03T22:00:00.000+00:00",
      "title": "CVE-2025-58460"
    },
    {
      "cve": "CVE-2025-7962",
      "product_status": {
        "known_affected": [
          "T046711"
        ]
      },
      "release_date": "2025-09-03T22:00:00.000+00:00",
      "title": "CVE-2025-7962"
    }
  ]
}

CVE-2025-7962 (GCVE-0-2025-7962)

Vulnerability from cvelistv5 – Published: 2025-07-21 17:22 – Updated: 2025-11-04 21:14

Summary

In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by utilizing the \r and \n UTF-8 characters to separate different messages.

Severity ?

6 (Medium)


                        
                          CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N

CWE

CWE-147 - Improper Neutralization of Input Terminators

Assigner

eclipse

References

URL

Tags

https://gitlab.eclipse.org/security/cve-assigneme…

Impacted products

	Vendor	Product	Version
	Eclipse Foundation	Jakarta Mail	Unaffected: 1.6.8 Unaffected: 2.0.2

Credits

1ue blu3r

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7962",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-21T17:41:32.809192Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-21T17:41:53.288Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:14:59.595Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/09/03/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Jakarta Mail",
          "vendor": "Eclipse Foundation",
          "versions": [
            {
              "status": "unaffected",
              "version": "1.6.8"
            },
            {
              "status": "unaffected",
              "version": "2.0.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "1ue"
        },
        {
          "lang": "en",
          "type": "reporter",
          "value": "blu3r"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by utilizing the\u0026nbsp;\\r and \\n UTF-8 characters to separate different messages."
            }
          ],
          "value": "In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by utilizing the\u00a0\\r and \\n UTF-8 characters to separate different messages."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-147",
              "description": "CWE-147 Improper Neutralization of Input Terminators",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-24T10:18:46.544Z",
        "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "shortName": "eclipse"
      },
      "references": [
        {
          "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/67"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
    "assignerShortName": "eclipse",
    "cveId": "CVE-2025-7962",
    "datePublished": "2025-07-21T17:22:12.520Z",
    "dateReserved": "2025-07-21T17:10:58.094Z",
    "dateUpdated": "2025-11-04T21:14:59.595Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-58460 (GCVE-0-2025-58460)

Vulnerability from cvelistv5 – Published: 2025-09-03 15:02 – Updated: 2025-11-04 21:13

Summary

A missing permission check in Jenkins OpenTelemetry Plugin 3.1543.v8446b_92b_cd64 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Severity ?

4.2 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

CWE

CWE-862 - Missing Authorization

Assigner

jenkins

References

URL

Tags

https://www.jenkins.io/security/advisory/2025-09-…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Jenkins Project	Jenkins OpenTelemetry Plugin	Affected: 0 , ≤ 3.1543.v8446b_92b_cd64 (maven)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 4.2,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-58460",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-03T15:54:56.312435Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-862",
                "description": "CWE-862 Missing Authorization",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-03T15:56:20.138Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:13:45.952Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/09/03/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Jenkins OpenTelemetry Plugin",
          "vendor": "Jenkins Project",
          "versions": [
            {
              "lessThanOrEqual": "3.1543.v8446b_92b_cd64",
              "status": "affected",
              "version": "0",
              "versionType": "maven"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A missing permission check in Jenkins OpenTelemetry Plugin 3.1543.v8446b_92b_cd64 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-03T15:02:27.580Z",
        "orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
        "shortName": "jenkins"
      },
      "references": [
        {
          "name": "Jenkins Security Advisory 2025-09-03",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.jenkins.io/security/advisory/2025-09-03/#SECURITY-3602"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
    "assignerShortName": "jenkins",
    "cveId": "CVE-2025-58460",
    "datePublished": "2025-09-03T15:02:27.580Z",
    "dateReserved": "2025-09-02T12:44:16.983Z",
    "dateUpdated": "2025-11-04T21:13:45.952Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-58459 (GCVE-0-2025-58459)

Vulnerability from cvelistv5 – Published: 2025-09-03 15:02 – Updated: 2025-11-04 21:13

Summary

Jenkins global-build-stats Plugin 322.v22f4db_18e2dd and earlier does not perform permission checks in its REST API endpoints, allowing attackers with Overall/Read permission to enumerate graph IDs.

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-284 - Improper Access Control

Assigner

jenkins

References

URL

Tags

https://www.jenkins.io/security/advisory/2025-09-…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Jenkins Project	Jenkins global-build-stats Plugin	Affected: 0 , ≤ 322.v22f4db_18e2dd (maven)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 4.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-58459",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-03T15:49:48.495285Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-284",
                "description": "CWE-284 Improper Access Control",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-03T15:50:56.322Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:13:44.654Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/09/03/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Jenkins global-build-stats Plugin",
          "vendor": "Jenkins Project",
          "versions": [
            {
              "lessThanOrEqual": "322.v22f4db_18e2dd",
              "status": "affected",
              "version": "0",
              "versionType": "maven"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Jenkins global-build-stats Plugin 322.v22f4db_18e2dd and earlier does not perform permission checks in its REST API endpoints, allowing attackers with Overall/Read permission to enumerate graph IDs."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-03T15:02:26.867Z",
        "orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
        "shortName": "jenkins"
      },
      "references": [
        {
          "name": "Jenkins Security Advisory 2025-09-03",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.jenkins.io/security/advisory/2025-09-03/#SECURITY-3535"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
    "assignerShortName": "jenkins",
    "cveId": "CVE-2025-58459",
    "datePublished": "2025-09-03T15:02:26.867Z",
    "dateReserved": "2025-09-02T12:44:16.983Z",
    "dateUpdated": "2025-11-04T21:13:44.654Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-58458 (GCVE-0-2025-58458)

Vulnerability from cvelistv5 – Published: 2025-09-03 15:02 – Updated: 2025-11-04 21:13

Summary

In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying `amazon-s3` protocol for use with JGit, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory
CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

jenkins

References

URL

Tags

https://www.jenkins.io/security/advisory/2025-09-…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Jenkins Project	Jenkins Git client Plugin	Unaffected: 6.3.3 , < * (maven) Unaffected: 6.1.4 , < 6.1.* (maven) Unaffected: 6.2.1 , < 6.2.* (maven)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 4.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-58458",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-03T15:39:03.501942Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-538",
                "description": "CWE-538 Insertion of Sensitive Information into Externally-Accessible File or Directory",
                "lang": "en",
                "type": "CWE"
              }
            ]
          },
          {
            "descriptions": [
              {
                "cweId": "CWE-200",
                "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-03T15:45:52.154Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:13:43.342Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/09/03/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Jenkins Git client Plugin",
          "vendor": "Jenkins Project",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "6.3.3",
              "versionType": "maven"
            },
            {
              "lessThan": "6.1.*",
              "status": "unaffected",
              "version": "6.1.4",
              "versionType": "maven"
            },
            {
              "lessThan": "6.2.*",
              "status": "unaffected",
              "version": "6.2.1",
              "versionType": "maven"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying `amazon-s3` protocol for use with JGit, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-05T07:08:01.133Z",
        "orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
        "shortName": "jenkins"
      },
      "references": [
        {
          "name": "Jenkins Security Advisory 2025-09-03",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.jenkins.io/security/advisory/2025-09-03/#SECURITY-3590"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
    "assignerShortName": "jenkins",
    "cveId": "CVE-2025-58458",
    "datePublished": "2025-09-03T15:02:26.231Z",
    "dateReserved": "2025-09-02T12:44:16.983Z",
    "dateUpdated": "2025-11-04T21:13:43.342Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2025-1966

CVE-2025-7962 (GCVE-0-2025-7962)

CVE-2025-58460 (GCVE-0-2025-58460)

CVE-2025-58459 (GCVE-0-2025-58459)

CVE-2025-58458 (GCVE-0-2025-58458)

Tags

Sightings

Nomenclature