#VU113409 Input validation error in Git Parameter - CVE-2025-53652
Published: July 29, 2025
Vulnerability identifier: #VU113409
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-53652
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Git Parameter
Software vendor:
Jenkins
Description
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists because the affected application does not validate that the Git parameter value submitted to the build matches one of the offered choices. A remote user can inject arbitrary values into Git parameters.
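The missing check described above, shown as an added example that is not code from the Git Parameter plugin or from Jenkins: a submitted value is accepted only if it exactly matches a choice computed on the server, and the same check is reused to audit recorded builds. The class, function names and sample records are hypothetical and constructed for illustration.

```python
# Added illustration: not code from the Git Parameter plugin or from Jenkins.
# All names and sample records below are hypothetical / constructed.
from dataclasses import dataclass


@dataclass(frozen=True)
class ChoiceParameter:
    """A build parameter whose value must be one of the offered choices."""
    name: str
    choices: tuple  # computed on the server, never taken from the request


def validate_submission(definitions, submitted):
    """Return {param_name: reason} for every submitted value to reject.

    `definitions` maps parameter name -> ChoiceParameter (server-side state).
    `submitted` maps parameter name -> value sent with the build request.
    """
    rejected = {}
    for name, value in submitted.items():
        definition = definitions.get(name)
        if definition is None:
            rejected[name] = "unknown parameter"
        elif not isinstance(value, str):
            rejected[name] = "value is not a string"
        elif value not in definition.choices:
            # Exact match only: no trimming, case folding or prefix matching,
            # so a value that merely starts with a valid choice is refused.
            rejected[name] = "value is not one of the offered choices"
    return rejected


def audit_builds(definitions, build_records):
    """Return the ids of recorded builds that ran with a non-offered value."""
    return [rec["id"] for rec in build_records
            if validate_submission(definitions, rec["params"])]


# Constructed sample data.
DEFS = {"BRANCH": ChoiceParameter("BRANCH", ("origin/main", "origin/release-1.2"))}
BUILDS = [
    {"id": 101, "params": {"BRANCH": "origin/main"}},
    {"id": 102, "params": {"BRANCH": "origin/main plus trailing text"}},
    {"id": 103, "params": {"BRANCH": "ORIGIN/MAIN"}},
]

if __name__ == "__main__":
    print(audit_builds(DEFS, BUILDS))
```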
Remediation
Install updates from the vendor's website.