CVE-2025-27622 - API Security Blog

Main / CVE-2025-27622

CVE-2025-27622

Discription

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of…Read More

References

Back to Main

Subscribe for the latest news: