/
DirectorySecurity AdvisoriesPricing
Sign in
Security Advisories

CGA-2xfc-rx9g-78jp

Published

Last updated

https://images.chainguard.dev/security/CGA-2xfc-rx9g-78jp
Package

jenkins-2.462

Repository

Chainguard

Latest Update
Pending upstream fix
Aliases
  • CVE-2025-22228
  • GHSA-mg83-c7gq-rv5c

Severity

Unknown

References

  • https://nvd.nist.gov/vuln/detail/CVE-2025-22228
  • https://github.com/advisories/GHSA-mg83-c7gq-rv5c

Updates

Status

Pending upstream fix

Impact

Currently running spring-security-crypto 5.8, which requires 5.8.18 to resolve the cve, however 5.8 is in enterprise support only. Attempted next oss version (6.3.8) though this reported back with banned dependency

Status

Under investigation

Status

Fixed

Fixed version

2.462.3-r3

Status

Under investigation

Status

Fixed

Fixed version

2.462.3-r3

Status

Under investigation

Status

Fixed

Fixed version

2.462.3-r3

Status

Under investigation

Safe Source for Open Sourceâ„¢
Contact us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSGolden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsChainguard CoursesDocumentationTrust Center

Company

About UsBlogPartnersNewsroomCareersLegal