CVE-2025-64138

A cross-site request forgery (CSRF) vulnerability in Jenkins Start Windocks Containers Plugin 1.4 and earlier allows attackers to connect to an attacker-specified URL.

Published Oct 30, 2025

https://github.com/advisories/GHSA-6mgr-3374-4p3c

CVSS ScoreMedium

4.3

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-64138

A cross-site request forgery (CSRF) vulnerability in Jenkins Start Windocks Containers Plugin 1.4 and earlier allows attackers to connect to an attacker-specified URL.

Published Oct 30, 2025

https://github.com/advisories/GHSA-6mgr-3374-4p3c

CVSS ScoreMedium

4.3


maven	org.jenkins-ci.plugins/windocks-start-container	1.4

Ecosystem	Package	Version


maven	org.jenkins-ci.plugins/windocks-start-container	1.4

Find vulnerabilities. Fix fast with AI.

CVE-2025-64138

CVE-2025-64138