📄 Description (English)
Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, AES/CBC/PKCS5Padding lacks authentication, making it vulnerable to padding oracle attacks and ciphertext manipulation. This vulnerability is fixed in 2.2.
🤖
Queued for AI Analysis
This CVE will be auto-analyzed on the next cron run.
📦 Affected Products / CPE 1 entries
samrocketman:jervis