
55 matches found

NVD
added 2026/06/24 2:17 p.m., 7 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3 CVSS, 0.00216 EPSS
Exploits: 0, References: 1

ATTACKERKB
added 2026/06/24 1:20 p.m., 5 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3 CVSS, 5.9 AI score, 0.00216 EPSS
Exploits: 0, References: 2

Cvelist
added 2026/06/24 1:20 p.m., 32 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

0.00216 EPSS
Exploits: 0, References: 1

EUVD
added 2026/06/24 1:20 p.m., 7 views

EUVD-2026-38766

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3 CVSS, 5.9 AI score, 0.00216 EPSS
Exploits: 0, References: 1

CVE
added 2026/06/24 1:20 p.m., 10 views

CVE-2026-57286

CVE-2026-57286 describes a missing permission check in the Jenkins Git Parameter Plugin (462.vdcf3df2ed2ca_ and earlier). This allows users with Item/Read permission to obtain information about the SCM repository used by a job (e.g., branch names, tag names, and revision metadata). The impact is ...

4.3 CVSS, 5.9 AI score, 0.00216 EPSS
Exploits: 0, References: 1, Affected Software: 1

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2022-4223

Malicious code in bioql PyPI...

5.4 CVSS, 5.7 AI score, 0.00735 EPSS
Exploits: 0, References: 5

EUVD
added 2025/10/03 8:7 p.m., 9 views

EUVD-2025-20862

Malicious code in bioql PyPI...

8.2 CVSS, 6.5 AI score, 0.00618 EPSS
Exploits: 1, References: 3

HackRead
added 2025/08/08 7:14 p.m., 8 views

15,000 Jenkins Servers at Risk from RCE Vulnerability (CVE-2025-53652)

A new report by VulnCheck exposes a critical command injection flaw CVE-2025-53652 in the Jenkins Git Parameter plugin...

8.2 CVSS, 7.4 AI score, 0.00618 EPSS
Exploits: 1

GithubExploit
added 2025/07/25 1:10 p.m., 104 views

Exploit for Improper Input Validation in Jenkins Git_Parameter

CVE-2025-53652: Jenkins Git Parameter Plugin Unvalidated Input...

8.2 CVSS, 10 AI score, 0.00618 EPSS
Exploits: 1

RedhatCVE
added 2025/07/11 3:42 p.m., 10 views

CVE-2025-53652

Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...

8.2 CVSS, 7.1 AI score, 0.00618 EPSS
Exploits: 1, References: 1

BDU FSTEC
added 2025/07/11 12:0 a.m., 6 views

The vulnerability of the Jenkins automation server’s Git Parameter plugin lies in insufficient validation of input data, allowing attackers to gain read and modify access to these data.

The vulnerability of the Jenkins automation server’s Git Parameter plugin is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to gain read and modify access to data...

8.5 CVSS, 5.8 AI score, 0.00618 EPSS
Exploits: 1, References: 2, Affected Software: 1

OSV
added 2025/07/09 6:30 p.m., 8 views

GHSA-QCJ2-99CG-MPPF Jenkins Git Parameter Plugin vulnerable to code injection due to inexhaustive parameter check

Jenkins Git Parameter Plugin implements a choice build parameter that lists the configured Git SCM’s branches, tags, pull requests, and revisions. Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered...

5.4 CVSS, 6 AI score, 0.00618 EPSS
Exploits: 1, References: 4

Snyk
added 2025/07/09 6:30 p.m., 4 views

Improper Validation of Specified Type of Input

Overview org.jenkins-ci.tools:git-parameter is a git parameter Jenkins plugin. Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input via insufficient validation of submitted Git parameter values. An attacker can inject arbitrary values into Git...

8.2 CVSS, 7 AI score, 0.00618 EPSS
Exploits: 1, References: 2

Github Security Blog
added 2025/07/09 6:30 p.m., 16 views

Jenkins Git Parameter Plugin vulnerable to code injection due to inexhaustive parameter check

Jenkins Git Parameter Plugin implements a choice build parameter that lists the configured Git SCM’s branches, tags, pull requests, and revisions. Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered...

8.2 CVSS, 6.3 AI score, 0.00618 EPSS
Exploits: 1, References: 4, Affected Software: 1

AlpineLinux
added 2025/07/09 4:15 p.m., 6 views

CVE-2025-53652

Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...

8.2 CVSS, 7.2 AI score, 0.00618 EPSS
Exploits: 1, References: 2

NVD
added 2025/07/09 4:15 p.m., 8 views

CVE-2025-53652

Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...

8.2 CVSS, 0.00618 EPSS
Exploits: 1, References: 2

OSV
added 2025/07/09 4:15 p.m., 9 views

CVE-2025-53652

Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...

8.2 CVSS, 6.1 AI score
Exploits: 0, References: 2

Cvelist
added 2025/07/09 3:39 p.m., 12 views

CVE-2025-53652

Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...

0.00618 EPSS
Exploits: 1, References: 1

Vulnrichment
added 2025/07/09 3:39 p.m., 7 views

CVE-2025-53652

Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...

7 AI score, 0.00618 EPSS
Exploits: 1, References: 1

CVE
added 2025/07/09 3:39 p.m., 44 views

CVE-2025-53652

Summary (CVE-2025-53652): Jenkins Git Parameter Plugin (versions 439.vb_0e46ca_14534 and earlier) does not validate that the submitted Git parameter matches an offered choice. With Item/Build permission, an attacker can inject arbitrary values into Git parameters, which can propagate to the SCM ...

8.2 CVSS, 6.5 AI score, 0.00618 EPSS
Exploits: 1, References: 2, Affected Software: 1