CVE-2025-64136

A cross-site request forgery (CSRF) vulnerability in Jenkins Themis Plugin 1.4.1 and earlier allows attackers to connect to an attacker-specified HTTP server.

Published Oct 30, 2025

https://github.com/advisories/GHSA-93mh-mx9w-m69q

CVSS ScoreMedium

4.3

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-64136

A cross-site request forgery (CSRF) vulnerability in Jenkins Themis Plugin 1.4.1 and earlier allows attackers to connect to an attacker-specified HTTP server.

Published Oct 30, 2025

https://github.com/advisories/GHSA-93mh-mx9w-m69q

CVSS ScoreMedium

4.3


maven	org.jenkins-ci.plugins/themis	1.0
maven	org.jenkins-ci.plugins/themis	1.1
maven	org.jenkins-ci.plugins/themis	1.2.1
maven	org.jenkins-ci.plugins/themis	1.2.3
maven	org.jenkins-ci.plugins/themis	1.2
maven	org.jenkins-ci.plugins/themis	1.3
maven	org.jenkins-ci.plugins/themis	1.4.1
maven	org.jenkins-ci.plugins/themis	1.4

Ecosystem	Package	Version


maven	org.jenkins-ci.plugins/themis	1.0
maven	org.jenkins-ci.plugins/themis	1.1
maven	org.jenkins-ci.plugins/themis	1.2.1
maven	org.jenkins-ci.plugins/themis	1.2.3
maven	org.jenkins-ci.plugins/themis	1.2
maven	org.jenkins-ci.plugins/themis	1.3
maven	org.jenkins-ci.plugins/themis	1.4.1
maven	org.jenkins-ci.plugins/themis	1.4

Find vulnerabilities. Fix fast with AI.

CVE-2025-64136

CVE-2025-64136