VYPR
Moderate severityNVD Advisory· Published Oct 29, 2025· Updated Nov 4, 2025

CVE-2025-64135

CVE-2025-64135

Description

Jenkins Eggplant Runner Plugin 0.0.1.301.v963cffe8ddb_8 and earlier sets the Java system property jdk.http.auth.tunneling.disabledSchemes to an empty value, disabling a protection mechanism of the Java runtime.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
io.jenkins.plugins:eggplant-runnerMaven
<= 0.0.1.301.v963cffe8ddb

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

1