vulnerability

Jenkins Advisory 2025-09-17: CVE-2025-5115: HTTP/2 denial of service vulnerability in bundled Jetty

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:N/A:C)	Sep 18, 2025	Sep 18, 2025	Dec 17, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

Sep 18, 2025

Added

Sep 18, 2025

Modified

Dec 17, 2025

Description

Jenkins Advisory 2025-09-17: CVE-2025-5115: HTTP/2 denial of service vulnerability in bundled Jetty

jenkins-lts-upgrade-2_516_3jenkins-upgrade-2_528

NEW

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.