Security Advisory

CVE-2025-68925

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-13 19:30:05

Last updated 2026-01-13 19:53:48

Assigner GitHub_M

State PUBLISHED

Description

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, the code doesnt validate that the JWT header specifies "alg":"RS256". This vulnerability is fixed in 2.2.

← Browse all CVEs View on cve.org ↗