Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/12/17 8:7 a.m.4 views

CVE-2025-67640

Jenkins Git client Plugin 6.4.0 and earlier does not not correctly escape the path to the workspace directory as part of an argument in a temporary shell script generated by the plugin, allowing attackers able to control the workspace directory name to inject arbitrary OS commands...

5CVSS7AI score0.00179EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/12/10 6:30 p.m.9 views

au.com.versent.jenkins.plugins:ignore-committer-strategy (>=29.v7c3891a_434c3 <=57.v0756db_b_f6926), br.com.ingenieux.jenkins.plugins:codecommit-url-helper (=0.0.1) +150 more potentially affected by CVE-2025-67640 via org.jenkins-ci.plugins:git-client (>=1.0.2 <=6.4.0)

org.jenkins-ci.plugins:git-client MAVEN version =1.0.2, =29.v7c3891a434c3, =1.0.5.0, =1.1.0, =1.9.2-beta, =1.9, =4.0.9, =1.1.0, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.1.0, =1.0.0, =1.1.2 and more Source cves: CVE-2025-67640 Source advisory: OSV:GHSA-V8HG-M323-JVJQ...

5CVSS5.8AI score0.00179EPSS
Exploits0
Cvelist
Cvelist
added 2025/12/10 4:50 p.m.29 views

CVE-2025-67640

Jenkins Git client Plugin 6.4.0 and earlier does not not correctly escape the path to the workspace directory as part of an argument in a temporary shell script generated by the plugin, allowing attackers able to control the workspace directory name to inject arbitrary OS commands...

0.00179EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/12/10 4:50 p.m.7 views

CVE-2025-67640

Jenkins Git client Plugin 6.4.0 and earlier does not not correctly escape the path to the workspace directory as part of an argument in a temporary shell script generated by the plugin, allowing attackers able to control the workspace directory name to inject arbitrary OS commands...

5CVSS7AI score0.00179EPSS
Exploits0References1
Rows per page
Query Builder