The Jenkins project published Security Advisory 2025-10-29 on October 29, 2025, disclosing vulnerabilities in 13 plugins for the popular open-source automation server.
The flaws range from a high-severity SAML replay issue and a shell command injection to missing permission checks, CSRF endpoints, and plaintext credential storage, exposing enterprise CI/CD pipelines to unauthorized access and to code execution on the controller.
Fixes are available for only two of them, in the SAML and MCP Server plugins; the remaining eleven plugins had no fix at publication, so administrators should update where they can and decide whether the unfixed plugins can be disabled until fixes ship.
The advisory's headline item is a replay vulnerability in the SAML Plugin (SECURITY-3613, CVE-2025-64131), rated high severity with a CVSS score of 7.5.
Versions up to and including 4.583.vc68232f7018a_ do not implement a replay cache, so an attacker who can intercept a SAML authentication flow, whether by network sniffing or from a man-in-the-middle position, can resubmit the captured SAML messages to Jenkins and authenticate as the victim.
In federated environments where Jenkins trusts a corporate identity provider for single sign-on, that means full access to the instance and to whatever secrets its builds can reach.
Version 4.583.585.v22ccc1139f55 adds a replay cache that rejects any message it has already processed; it is a contained change, and administrators should apply it first.
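The fix is small enough to illustrate. Below is an added example, written for this article in Python, of the check a SAML service provider performs; it is not the Jenkins SAML plugin's code. The sample response, its assertion ID and the timestamps are constructed, and the code assumes the response signature has already been verified upstream (a replay cache only helps after signature validation, otherwise an attacker can simply mint a fresh ID).

```python
"""Replay cache for a SAML service provider (added example, not the Jenkins
SAML plugin's code). Assumes the response signature has already been verified."""
import xml.etree.ElementTree as ET
from datetime import datetime

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Constructed sample response: one assertion for user "alice", valid for six minutes.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_resp-1">
  <saml:Assertion ID="_a75adf55-01d7-40cc-929f-dbd8372ebdfc">
    <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
    <saml:Conditions NotBefore="2025-10-29T11:59:00Z" NotOnOrAfter="2025-10-29T12:05:00Z"/>
  </saml:Assertion>
</samlp:Response>"""


def parse_ts(value: str) -> float:
    """Parse a SAML xs:dateTime with a 'Z' suffix into epoch seconds."""
    return datetime.fromisoformat(value.replace("Z", "+00:00")).timestamp()


class ReplayCache:
    """Remembers every accepted assertion ID until its NotOnOrAfter instant.

    Entries must live at least that long: once NotOnOrAfter has passed the
    time check in validate() rejects the assertion anyway, so nothing is lost
    by forgetting it, but forgetting it earlier would reopen the replay window.
    """

    def __init__(self) -> None:
        self._seen: dict[str, float] = {}  # assertion ID -> NotOnOrAfter (epoch seconds)

    def accept(self, assertion_id: str, not_on_or_after: float, now: float) -> bool:
        """Return True the first time an ID is presented, False on any repeat."""
        for aid, expiry in list(self._seen.items()):
            if expiry <= now:
                del self._seen[aid]  # expired entries can never be replayed successfully
        if assertion_id in self._seen:
            return False
        self._seen[assertion_id] = not_on_or_after
        return True


def validate(xml_text: str, cache: ReplayCache, now: float):
    """Return (accepted, reason, subject) for one SAML response evaluated at time `now`."""
    root = ET.fromstring(xml_text)
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        return False, "no assertion", None
    assertion_id = assertion.get("ID")
    conditions = assertion.find("saml:Conditions", NS)
    if not assertion_id or conditions is None:
        return False, "missing ID or Conditions", None
    not_before = parse_ts(conditions.get("NotBefore"))
    not_on_or_after = parse_ts(conditions.get("NotOnOrAfter"))
    if now < not_before:
        return False, "assertion not yet valid", None
    if now >= not_on_or_after:
        return False, "assertion expired", None
    # Replay check comes after the time window so the cache only ever stores live IDs.
    if not cache.accept(assertion_id, not_on_or_after, now):
        return False, "replayed assertion", None
    return True, "accepted", assertion.findtext("saml:Subject/saml:NameID", namespaces=NS)


if __name__ == "__main__":
    cache = ReplayCache()
    now = parse_ts("2025-10-29T12:01:00Z")
    print(validate(SAMPLE_RESPONSE, cache, now))  # first presentation: accepted as alice
    print(validate(SAMPLE_RESPONSE, cache, now))  # identical message again: rejected as a replay
```

The cache is keyed on the assertion ID and kept until NotOnOrAfter, which is why a service provider that skips the cache altogether, as the affected SAML Plugin versions did, leaves the whole validity window open to anyone holding a copy of the message.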
The second fixed issue is in the MCP Server Plugin, which is missing permission checks in several of its tools (SECURITY-3622, CVE-2025-64132), a medium-severity issue (CVSS 5.4) affecting versions up to and including 0.84.v50ca_24ef83f2.
A user holding only Item/Read permission can read a job's SCM configuration, trigger builds, or list configured clouds through tools such as getJobScm, triggerBuild, and getStatus, actions that Jenkins normally gates behind higher permissions.
In multi-tenant instances this lets someone with read-only access to a job act on it and learn about infrastructure they were never granted visibility into. Version 0.86.v7d3355e6a_a_18 adds the missing checks.
Widespread CSRF, XXE, and Credential Exposures
Beyond these, the advisory lists a cluster of medium- to high-severity flaws in other plugins, most of them CSRF vulnerabilities, missing permission checks, and improper credential handling.
For instance, the Extensible Choice Parameter Plugin (SECURITY-3583, CVE-2025-64133, CVSS 4.3) exposes an HTTP endpoint that does not require POST requests, so Jenkins' crumb-based CSRF protection does not cover it; an attacker who lures a logged-in user to a crafted page can have sandboxed Groovy code executed in that user's session. No fix is available.
Similarly, the JDepend Plugin bundles an outdated XML parser that is not configured against XML external entities (SECURITY-2936, CVE-2025-64134, CVSS 7.1): an attacker who can control the report files the post-build step consumes can use a crafted report to read files from the controller or make it issue server-side requests.
Credential storage issues affect three plugins: OpenShift Pipeline (CVE-2025-64143), ByteGuard Build Actions (CVE-2025-64144), and Curseforge Publisher (CVE-2025-64146) store tokens or API keys unencrypted in job config.xml files instead of as Jenkins Secret values, so anyone with Item/Extended Read permission, or with access to the controller file system, can read them (CVSS 4.3 each). ByteGuard and Curseforge also fail to mask these values in the job configuration form (CVE-2025-64145, CVE-2025-64147).
The azure-cli Plugin carries the most severe unfixed issue, a shell command injection (SECURITY-3538, CVE-2025-64140, CVSS 8.8) that lets users with Item/Configure permission run arbitrary commands on the Jenkins controller; no fix is available.
Themis, Start Windocks Containers, Nexus Task Runner, and Publish to Bitbucket each combine a CSRF vulnerability with a missing permission check (CVSS 4.3 to 5.4): endpoints that connect to an attacker-specified URL, in some cases with credentials the attacker selects, so a stored credential can be sent to a server the attacker controls. Publish to Bitbucket additionally lets users enumerate credential IDs (CVE-2025-64148).
The Eggplant Runner Plugin disables the JDK protection introduced for CVE-2016-5597 (SECURITY-3326, CVE-2025-64135, CVSS 5.9), the jdk.http.auth.tunneling.disabledSchemes setting that stops Java from sending Basic authentication credentials to HTTP proxies when tunneling. Because system properties are JVM-wide, the change weakens every plugin on the controller, not just this one.
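A Jenkins administrator can find plaintext secrets of the kind described above for OpenShift Pipeline, ByteGuard Build Actions and Curseforge Publisher without knowing each plugin's field names, because Jenkins' hudson.util.Secret type serialises to base64 ciphertext wrapped in braces while a plain String field is written verbatim. The following script is an added example for this article, not part of Jenkins or any plugin: it scans config.xml contents for secret-looking element names whose value is not in the encrypted form. The job names, plugin class names and token values are constructed; very old installs may still carry unbraced legacy ciphertext, which this heuristic would flag for manual review.

```python
"""Scan Jenkins job config.xml files for secrets stored as plain strings
(added example for auditing, not part of Jenkins or any plugin)."""
import re
import xml.etree.ElementTree as ET

# Element names that usually hold a secret. Extend for the plugins you run.
SECRET_TAG = re.compile(r"token|api[_-]?key|password|passwd|secret|passphrase", re.IGNORECASE)
# hudson.util.Secret serializes as base64 ciphertext wrapped in braces;
# anything else under a secret-like tag is readable by Item/Extended Read.
ENCRYPTED_SECRET = re.compile(r"^\{[A-Za-z0-9+/=]+\}$")

# Constructed samples in the shape Jenkins writes to $JENKINS_HOME/jobs/<name>/config.xml.
# Plugin class names and token values are invented for this example.
SAMPLE_CONFIGS = {
    "publish-mod": """<project>
  <publishers>
    <com.example.ExamplePublisher plugin="example-publisher@1.0">
      <projectId>42</projectId>
      <apiToken>cf-constructed-token-0123456789</apiToken>
    </com.example.ExamplePublisher>
  </publishers>
</project>""",
    "deploy-safe": """<project>
  <builders>
    <com.example.ExampleBuilder plugin="example-builder@2.0">
      <apiKey>{AQAAABAAAAAQY29uc3RydWN0ZWQgY2lwaGVydGV4dA==}</apiKey>
      <tokenCredentialsId>deploy-token</tokenCredentialsId>
      <password></password>
    </com.example.ExampleBuilder>
  </builders>
</project>""",
}


def walk(elem, path=""):
    """Yield (path, element) for every element, depth first."""
    path = f"{path}/{elem.tag}" if path else elem.tag
    yield path, elem
    for child in elem:
        yield from walk(child, path)


def is_encrypted_secret(text: str) -> bool:
    """True if the value looks like Secret ciphertext rather than a raw token."""
    return bool(ENCRYPTED_SECRET.match(text))


def scan_config(job_name: str, xml_text: str):
    """Return (job, element path, tag) for each secret-like element holding plaintext."""
    findings = []
    for path, elem in walk(ET.fromstring(xml_text)):
        tag = elem.tag.rsplit("}", 1)[-1]  # drop a namespace prefix if present
        text = (elem.text or "").strip()
        if not text or not SECRET_TAG.search(tag):
            continue
        if tag.lower().endswith("credentialsid"):
            continue  # a reference into the Credentials store, not a secret itself
        if is_encrypted_secret(text):
            continue
        findings.append((job_name, path, tag))
    return findings


def scan_all(configs):
    """Scan a {job name: config.xml text} mapping; jobs are visited in sorted order."""
    findings = []
    for job_name in sorted(configs):
        findings.extend(scan_config(job_name, configs[job_name]))
    return findings


if __name__ == "__main__":
    for job, path, tag in scan_all(SAMPLE_CONFIGS):
        print(f"{job}: plaintext secret in <{tag}> at {path}")
```

Run it over the `jobs/*/config.xml` tree on the controller (or over the output of each job's `config.xml` URL, which is exactly what Item/Extended Read exposes). A hit means the value is readable to anyone with that permission and should be rotated, not just moved into a Secret field.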
Impact and Mitigations
These findings illustrate the trade-off in Jenkins' plugin ecosystem: with more than 1,800 plugins, much of the attack surface is maintained outside the core team, and it only stays secure if each plugin is kept up to date or removed.
An unpatched instance in a corporate network offers an attacker a chain from a plugin-level flaw (an authentication replay, a CSRF endpoint, a token in a config file) to code execution on the controller that builds and ships the organization's software, which is what makes these supply-chain risks.
No in-the-wild exploitation had been reported at publication, but CI/CD systems are an increasingly common target.
| CVE ID | Plugin | Severity (CVSS v3.1) | Affected Versions | Description Summary | Fixed? |
|---|---|---|---|---|---|
| CVE-2025-64131 | SAML | High (7.5) | ≤4.583.vc68232f7018a_ | Replay attack in auth flow | Yes (4.583.585.v22ccc1139f55) |
| CVE-2025-64132 | MCP Server | Medium (5.4) | ≤0.84.v50ca_24ef83f2 | Missing permission checks for tools | Yes (0.86.v7d3355e6a_a_18) |
| CVE-2025-64133 | Extensible Choice Parameter | Medium (4.3) | ≤239.v5f5c278708cf | CSRF enabling sandboxed Groovy execution | No |
| CVE-2025-64134 | JDepend | High (7.1) | ≤1.3.1 | XXE via outdated XML parser | No |
| CVE-2025-64135 | Eggplant Runner | Medium (5.9) | ≤0.0.1.301.v963cffe8ddb_8 | Disables JDK proxy-auth protection for CVE-2016-5597 | No |
| CVE-2025-64136/64137 | Themis | Medium (4.3) | ≤1.4.1 | CSRF & missing check for URL connect | No |
| CVE-2025-64138/64139 | Start Windocks Containers | Medium (4.3) | ≤1.4 | CSRF & missing check for URL connect | No |
| CVE-2025-64140 | azure-cli | High (8.8) | ≤0.9 | Arbitrary shell command injection | No |
| CVE-2025-64141/64142 | Nexus Task Runner | Medium (4.3) | ≤0.9.2 | CSRF & missing check for URL/cred connect | No |
| CVE-2025-64143 | OpenShift Pipeline | Medium (4.3) | ≤1.0.57 | Plain text token storage | No |
| CVE-2025-64144/64145 | ByteGuard Build Actions | Medium (4.3) | ≤1.0 | Plain text API token storage & masking | No |
| CVE-2025-64146/64147 | Curseforge Publisher | Medium (4.3) | ≤1.0 | Plain text API key storage & masking | No |
| CVE-2025-64148 | Publish to Bitbucket | Medium (4.3) | ≤0.4 | Missing permission check allows enumerating credential IDs | No |
| CVE-2025-64149/64150 | Publish to Bitbucket | Medium (5.4) | ≤0.4 | CSRF & missing check for URL/cred capture | No |
Organizations should inventory installed plugins against the table above, update the SAML and MCP Server plugins now, and decide for each of the eleven unfixed plugins whether it can be disabled or removed until a fix is released, starting with azure-cli. Where a plugin that stores tokens in plain text has to stay, rotate those tokens and restrict Item/Extended Read. Jenkins' built-in CSRF protection only applies to POST requests, so the CSRF issues here cannot be closed by a global setting; they need plugin fixes. The Jenkins team credits the reporters for the disclosures, and the advisory is another reminder that plugin hygiene is part of securing this foundational tool.
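The first step, checking which installed plugins fall under the advisory, can be scripted against the plugin manager's JSON (the /pluginManager/api/json?depth=1 endpoint lists each plugin's longName, shortName and version). The added example below is not a Jenkins tool: it embeds the advisory table from this page, reads a constructed inventory in that JSON shape, and uses a simplified version ordering (an assumption of this example, documented in the code) that handles the incrementals format Jenkins plugins use. It matches on the table's plugin labels, so a real run should key on shortName instead.

```python
"""Check an installed-plugin inventory against the advisory table (added example,
not a Jenkins tool). Input has the shape of /pluginManager/api/json?depth=1."""
import json

# Affected ceiling, fixed version and CVE per plugin, copied from the advisory table.
# Names are the table's labels (an assumption); key on shortName for a real inventory.
ADVISORY = [
    ("SAML", "4.583.vc68232f7018a_", "4.583.585.v22ccc1139f55", "CVE-2025-64131"),
    ("MCP Server", "0.84.v50ca_24ef83f2", "0.86.v7d3355e6a_a_18", "CVE-2025-64132"),
    ("Extensible Choice Parameter", "239.v5f5c278708cf", None, "CVE-2025-64133"),
    ("JDepend", "1.3.1", None, "CVE-2025-64134"),
    ("Eggplant Runner", "0.0.1.301.v963cffe8ddb_8", None, "CVE-2025-64135"),
    ("Themis", "1.4.1", None, "CVE-2025-64136/64137"),
    ("Start Windocks Containers", "1.4", None, "CVE-2025-64138/64139"),
    ("azure-cli", "0.9", None, "CVE-2025-64140"),
    ("Nexus Task Runner", "0.9.2", None, "CVE-2025-64141/64142"),
    ("OpenShift Pipeline", "1.0.57", None, "CVE-2025-64143"),
    ("ByteGuard Build Actions", "1.0", None, "CVE-2025-64144/64145"),
    ("Curseforge Publisher", "1.0", None, "CVE-2025-64146/64147"),
    ("Publish to Bitbucket", "0.4", None, "CVE-2025-64148/64149/64150"),
]


def split_version(version: str):
    """Split '4.583.vc68232f7018a_' into [4, 583, 'vc68232f7018a_']."""
    return [int(s) if s.isdigit() else s for s in version.split(".")]


def _rank(segment) -> int:
    """Numeric segments outrank hash segments, which outrank absent ones."""
    if isinstance(segment, int):
        return 2
    return 1 if segment is not None else 0


def compare(a: str, b: str) -> int:
    """Negative if a < b, 0 if equal, positive if a > b.

    Simplified model of Jenkins' maven-style ordering (an assumption of this
    example): numbers compare as integers, a number outranks a 'v<hash>' segment
    (so 4.583.585.v... is newer than 4.583.vc68...), and two different hashes
    behind identical numbers are treated as equal because git hashes carry no order.
    """
    pa, pb = split_version(a), split_version(b)
    for i in range(max(len(pa), len(pb))):
        x = pa[i] if i < len(pa) else None
        y = pb[i] if i < len(pb) else None
        if x == y:
            continue
        if _rank(x) != _rank(y):
            return _rank(x) - _rank(y)
        if isinstance(x, int):
            return x - y
        # two different hashes with the same numeric prefix: no defined order, keep going
    return 0


def is_affected(installed: str, ceiling: str) -> bool:
    """The table lists ceilings ('<= version'), so anything not newer is affected."""
    return compare(installed, ceiling) <= 0


def audit(inventory_json: str):
    """Return (plugin, installed version, CVE, fixed version or None) for each hit."""
    inventory = json.loads(inventory_json)["plugins"]
    by_name = {name: (ceiling, fixed, cve) for name, ceiling, fixed, cve in ADVISORY}
    hits = []
    for plugin in inventory:
        entry = by_name.get(plugin["longName"])
        if entry and is_affected(plugin["version"], entry[0]):
            hits.append((plugin["longName"], plugin["version"], entry[2], entry[1]))
    return hits


# Constructed inventory; "Example Plugin" stands in for everything not in the table.
SAMPLE_INVENTORY = json.dumps({"plugins": [
    {"longName": "SAML", "version": "4.583.vc68232f7018a_", "enabled": True},
    {"longName": "MCP Server", "version": "0.86.v7d3355e6a_a_18", "enabled": True},
    {"longName": "azure-cli", "version": "0.9", "enabled": True},
    {"longName": "JDepend", "version": "1.3.1", "enabled": False},
    {"longName": "Example Plugin", "version": "1.0", "enabled": True},
]})

if __name__ == "__main__":
    for name, version, cve, fixed in audit(SAMPLE_INVENTORY):
        action = f"update to {fixed}" if fixed else "no fix: disable or remove until one ships"
        print(f"{name} {version}: {cve}; {action}")
```

Disabled plugins are reported too: disabling stops the code from loading, but the .jpi stays on disk and is one click from being re-enabled, so the finding should lead to removal or an upgrade rather than being filtered out.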