2 matches found
CVE-2025-67640
Jenkins Git client Plugin vulnerability CVE-2025-67640 affects versions 6.4.0 and earlier. The issue arises from improper escaping of the workspace directory path in a temporary shell script generated by the plugin, enabling an attacker who controls the workspace name to inject and execute arbitr...
CVE-2026-57282
The CVE-2026-57282 entry applies to Jenkins Git client Plugin versions 6.6.0 and earlier. The issue is improper escaping of the workspace directory name when inserted into a generated SSH wrapper script, enabling an attacker who can control the build’s working directory name to execute arbitrary ...