Input validation error in Git Parameter - CVE-2025-53652

 

Published: July 29, 2025


Vulnerability identifier: #VU113409
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-53652
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Jenkins
Affected software:
Git Parameter

Detailed vulnerability description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists because the affected application does not validate that the Git parameter value submitted to the build matches one of the offered choices. A remote user can inject arbitrary values into Git parameters.
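The missing check described above, shown beside a server-side check against the offered choices. This is an added example, not code from the Git Parameter plugin or the vendor: `ChoiceParameter`, the function names and the sample submissions are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class ChoiceParameter:
    """Hypothetical model of a parameter whose values the server offers."""
    name: str
    offered: tuple[str, ...]


class InvalidParameterValue(ValueError):
    """Raised when a submitted value is not one of the offered choices."""


def accept_unvalidated(param: ChoiceParameter, submitted: str) -> str:
    # Flawed pattern from the description: the form only displays the
    # offered choices, and the server trusts whatever value arrives.
    return submitted


def accept_validated(param: ChoiceParameter, submitted: object) -> str:
    # Hardened pattern: exact, case-sensitive membership test on the server.
    # No trimming or normalisation, so near-misses are rejected as well.
    if not isinstance(submitted, str) or submitted not in param.offered:
        raise InvalidParameterValue(
            f"{param.name}: value {submitted!r} is not an offered choice")
    return submitted


def audit_submissions(param, submissions):
    """Return ids of recorded submissions whose value was not offered."""
    flagged = []
    for build_id, value in submissions:
        try:
            accept_validated(param, value)
        except InvalidParameterValue:
            flagged.append(build_id)
    return flagged


# Constructed sample data (not taken from the advisory).
BRANCH = ChoiceParameter("BRANCH", ("main", "release/1.2", "v1.0.0"))
SUBMISSIONS = [
    (101, "main"),
    (102, "not-an-offered-value"),
    (103, "main "),   # trailing space, so not an exact match
    (104, "release/1.2"),
    (105, None),      # missing value
]
```

The audit assumes the set of offered choices at submission time is known for each recorded build; if choices change between builds, compare each record against the set that was offered then.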


How to mitigate CVE-2025-53652

Install updates from the vendor's website.

Sources