ГлавнаяУязвимости → CVE-2025-53652
8.2высокая

CVE-2025-53652

Описание

Jenkins Git Parameter Plugin 439.vb_0e46ca_14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters.

Затрагиваемое ПО
Jenkins Git parameter
CVSS
Балл8.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Источники
https://www.jenkins.io/security/advisory/2025-07-09/#SECURITY-3419http://www.openwall.com/lists/oss-security/2025/07/09/4