CVE-2025-68701

NONE

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses deterministic AES IV derivation from a passphrase. This vulnerability is fixed in 2.2.

Publicado: 1/13/2026Actualizado: 1/14/2026
Ver en NVDVer en MITRE

Descripción

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses deterministic AES IV derivation from a passphrase. This vulnerability is fixed in 2.2.

Análisis IAImpulsado por IA

Referencias