VDB
WID-SEC-W-2025-0689
WID-SEC-W-2025-0689
PUBLISHED
Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterstützung bei Softwareentwicklungen aller Art.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jenkins Jenkins AsakusaSatellite Plugin | ||
| Jenkins Jenkins LTS 2.492.3 | ||
| Jenkins Jenkins Templating Engine Plugin <2.5.4 | ||
| Jenkins Jenkins weekly 2.504 | ||
| Jenkins Jenkins Simple Queue Plugin <1.4.7 | ||
| Jenkins Jenkins Stack Hammer Plugin | ||
| Jenkins Jenkins weekly <2.504 | ||
| Cadence vManager Plugin 4.0.1 | ||
| Jenkins Jenkins Cadence vManager Plugin <4.0.1-286.v9e25a_740b_a_48 | ||
| Jenkins Jenkins Simple Queue Plugin 1.4.7 | ||
| Jenkins Jenkins LTS <2.492.3 | ||
| Jenkins Jenkins Templating Engine Plugin 2.5.4 | ||
| monitor |
Exploit Intelligence
- CVE-2025-31722 — Jenkins Templating Engine RCE (github-poc-repo)
- CVE-2025-31722 — Jenkins Templating Engine RCE (github-poc)
- Used to demo CVE-2025-31722. (github-poc)
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0689.json (circl)
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0689 (circl)
- https://www.jenkins.io/security/advisory/2025-04-02/ (circl)
Timeline
- Apr 2, 2025 CVE Published