41 matches found
EUVD-2022-4223
Malicious code in bioql PyPI...
15,000 Jenkins Servers at Risk from RCE Vulnerability (CVE-2025-53652)
A new report by VulnCheck exposes a critical command injection flaw CVE-2025-53652 in the Jenkins Git Parameter plugin...
CVE-2025-53652
Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...
Improper Validation of Specified Type of Input
Overview: org.jenkins-ci.tools:git-parameter is a git parameter Jenkins plugin. Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input via insufficient validation of submitted Git parameter values. An attacker can inject arbitrary values into Git...
Jenkins Git Parameter Plugin vulnerable to code injection due to inexhaustive parameter check
Jenkins Git Parameter Plugin implements a choice build parameter that lists the configured Git SCM’s branches, tags, pull requests, and revisions. Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered...
CVE-2025-53652
Summary (CVE-2025-53652): Jenkins Git Parameter Plugin (versions 439.vb_0e46ca_14534 and earlier) does not validate that the submitted Git parameter matches an offered choice. With Item/Build permission, an attacker can inject arbitrary values into Git parameters, which can propagate to the SCM ...
PT-2025-28904
Name of the Vulnerable Software and Affected Versions: Jenkins Git Parameter Plugin versions 439.vb_0e46ca_14534 and earlier. Description: The Jenkins Git Parameter Plugin does not validate the Git parameter value submitted to a build against the offered choices. This allows attackers with Item/Buil...
Jenkins plugin Git Parameter security vulnerability
Jenkins and Jenkins plugin are both Jenkins open source products. Jenkins is an application software. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project. Jenkins plugin is an application software plugin. A security...
CVE-2022-29040
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...
SUSE CVE-2020-2238
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission...
Stored XSS vulnerability in Jenkins Git Parameter Plugin
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission. Git Parameter Plugin 0.9.13 escapes the repository field o...
GHSA-J7Q2-C6R4-X2JW Stored XSS vulnerability in Jenkins Git Parameter Plugin
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission. Git Parameter Plugin 0.9.13 escapes the repository field o...
GHSA-FGXC-MXVW-55MV Jenkins Git Parameter Plugin vulnerable to stored cross-site scripting (XSS)
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission...
GHSA-FCR6-6CPH-VMCM Stored XSS vulnerability in Jenkins Git Parameter Plugin
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...
Stored XSS vulnerability in Jenkins Git Parameter Plugin
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...
Jenkins Git Parameter Plugin Cross-Site Scripting Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. A cross-site scripting vulnerability exis...