Vulnerability Details CVE-2025-64135
Jenkins Eggplant Runner Plugin 0.0.1.301.v963cffe8ddb_8 and earlier sets the Java system property `jdk.http.auth.tunneling.disabledSchemes` to an empty value, disabling a protection mechanism of the Java runtime.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 17.4%
CVSS Severity
CVSS v3 Score 5.9
References
Products affected by CVE-2025-64135
-
cpe:2.3:a:jenkins:eggplant_runner:0.0.1.301.v963cffe8ddb_8