Lucene search
K

56 matches found

OSV
OSV
added 2026/06/24 2:17 p.m.3 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3CVSS6AI score
Exploits0References1
NVD
NVD
added 2026/06/24 2:17 p.m.9 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3CVSS0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.36 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

0.00216EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 1:20 p.m.10 views

EUVD-2026-38766

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3CVSS5.9AI score0.00216EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 1:20 p.m.15 views

CVE-2026-57286

CVE-2026-57286 describes a missing permission check in the Jenkins Git Parameter Plugin (462.vdcf3df2ed2ca_ and earlier). This allows users with Item/Read permission to obtain information about the SCM repository used by a job (e.g., branch names, tag names, and revision metadata). The impact is ...

4.3CVSS5.9AI score0.00216EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/24 1:20 p.m.7 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3CVSS5.9AI score0.00216EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-4223

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00735EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2025-20862

Malicious code in bioql PyPI...

8.2CVSS6.5AI score0.00618EPSS
Exploits1References3
HackRead
HackRead
added 2025/08/08 7:14 p.m.10 views

15,000 Jenkins Servers at Risk from RCE Vulnerability (CVE-2025-53652)

A new report by VulnCheck exposes a critical command injection flaw CVE-2025-53652 in the Jenkins Git Parameter plugin.…...

8.2CVSS7.4AI score0.00618EPSS
Exploits1
GithubExploit
GithubExploit
added 2025/07/25 1:10 p.m.107 views

Exploit for Improper Input Validation in Jenkins Git_Parameter

CVE-2025-53652: Jenkins Git Parameter Plugin Unvalidated Input...

8.2CVSS10AI score0.00618EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/07/11 3:42 p.m.13 views

CVE-2025-53652

Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...

8.2CVSS7.1AI score0.00618EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/07/11 12:0 a.m.9 views

The vulnerability of the Jenkins automation server’s Git Parameter plugin lies in insufficient validation of input data, allowing attackers to gain read and modify access to these data.

The vulnerability of the Jenkins automation server’s Git Parameter plugin is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to gain read and modify access to data...

8.5CVSS5.8AI score0.00618EPSS
Exploits1References2Affected Software1
Snyk
Snyk
added 2025/07/09 6:30 p.m.5 views

Improper Validation of Specified Type of Input

Overview org.jenkins-ci.tools:git-parameter is a git parameter Jenkins plugin. Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input via insufficient validation of submitted Git parameter values. An attacker can inject arbitrary values into Git...

8.2CVSS7AI score0.00618EPSS
Exploits1References2
OSV
OSV
added 2025/07/09 6:30 p.m.10 views

GHSA-QCJ2-99CG-MPPF Jenkins Git Parameter Plugin vulnerable to code injection due to inexhaustive parameter check

Jenkins Git Parameter Plugin implements a choice build parameter that lists the configured Git SCM’s branches, tags, pull requests, and revisions. Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered...

5.4CVSS6AI score0.00618EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2025/07/09 6:30 p.m.19 views

Jenkins Git Parameter Plugin vulnerable to code injection due to inexhaustive parameter check

Jenkins Git Parameter Plugin implements a choice build parameter that lists the configured Git SCM’s branches, tags, pull requests, and revisions. Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered...

8.2CVSS6.3AI score0.00618EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2025/07/09 4:15 p.m.9 views

CVE-2025-53652

Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...

8.2CVSS0.00618EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2025/07/09 4:15 p.m.6 views

CVE-2025-53652

Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...

8.2CVSS7.2AI score0.00618EPSS
Exploits1References2
OSV
OSV
added 2025/07/09 4:15 p.m.11 views

CVE-2025-53652

Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...

8.2CVSS6.1AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.8 views

CVE-2025-53652

Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...

7AI score0.00618EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/07/09 3:39 p.m.13 views

CVE-2025-53652

Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...

0.00618EPSS
Exploits1References1
Rows per page
Query Builder