Nexus Task Runner

nexus_task_runner

Vendor: Jenkins • 2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-64142 1Jenkins 1Nexus Task Runner Nov 4, 2025 Oct 29, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A missing permission check in Jenkins Nexus Task Runner Plugin 0.9.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.
CVE-2025-64141 1Jenkins 1Nexus Task Runner Nov 4, 2025 Oct 29, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Task Runner Plugin 0.9.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials.