Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-64141
CVE-2025-64141
A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Task Runner Plugin 0.9.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials.
Published Oct 30, 2025
https://github.com/advisories/GHSA-x2pv-fph3-phfx
CVSS Score
Medium
5.1
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
maven
org.jenkins-ci.plugins/nexus-task-runner
0.9.1
maven
org.jenkins-ci.plugins/nexus-task-runner
0.9.2
1-2 of 2
CVE-2025-64141 | Components Impacted | Sonatype Guide | Sonatype Guide
