49 matches found
EUVD-2025-20862
Malicious code in bioql PyPI...
EUVD-2022-4223
Malicious code in bioql PyPI...
15,000 Jenkins Servers at Risk from RCE Vulnerability (CVE-2025-53652)
A new report by VulnCheck exposes a critical command injection flaw CVE-2025-53652 in the Jenkins Git Parameter plugin.…...
Exploit for Improper Input Validation in Jenkins Git_Parameter
CVE-2025-53652: Jenkins Git Parameter Plugin Unvalidated Input...
CVE-2025-53652
Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...
GHSA-QCJ2-99CG-MPPF Jenkins Git Parameter Plugin vulnerable to code injection due to inexhaustive parameter check
Jenkins Git Parameter Plugin implements a choice build parameter that lists the configured Git SCM’s branches, tags, pull requests, and revisions. Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered...
Improper Validation of Specified Type of Input
Overview org.jenkins-ci.tools:git-parameter is a git parameter Jenkins plugin. Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input via insufficient validation of submitted Git parameter values. An attacker can inject arbitrary values into Git...
Jenkins Git Parameter Plugin vulnerable to code injection due to inexhaustive parameter check
Jenkins Git Parameter Plugin implements a choice build parameter that lists the configured Git SCM’s branches, tags, pull requests, and revisions. Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered...
CVE-2025-53652
Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...
CVE-2025-53652
Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...
CVE-2025-53652
Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...
CVE-2025-53652
Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...
CVE-2025-53652
Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...
CVE-2025-53652
Summary (CVE-2025-53652) : Jenkins Git Parameter Plugin (versions 439.vb_0e46ca_14534 and earlier) does not validate that the submitted Git parameter matches an offered choice. With Item/Build permission, an attacker can inject arbitrary values into Git parameters, which can propagate to the SCM ...
PT-2025-28904
Name of the Vulnerable Software and Affected Versions Jenkins Git Parameter Plugin versions 439.vb 0e46ca 14534 and earlier Description The Jenkins Git Parameter Plugin does not validate the Git parameter value submitted to a build against the offered choices. This allows attackers with Item/Buil...
Jenkins plugin Git Parameter 安全漏洞
Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...
CVE-2022-29040
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
SUSE CVE-2020-2238
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
GHSA-J7Q2-C6R4-X2JW Stored XSS vulnerability in Jenkins Git Parameter Plugin
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. Git Parameter Plugin 0.9.13 escapes the repository field o...
Stored XSS vulnerability in Jenkins Git Parameter Plugin
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. Git Parameter Plugin 0.9.13 escapes the repository field o...