jenkins git_parameter CVE 漏洞（6）

CVE 数: 6 CPE versions: View versions table

摘要

本页列出影响 jenkins git_parameter 的已公开 CVE 漏洞（通过 NVD CPE 关联）。每行包含严重程度评分、摘要与发布日期，便于识别与分析安全问题。

CVE	摘要	来源	最高 CVSS	EPSS %	公开时间	更新时间
CVE-2026-57286	A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca_ and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata.	[email protected]	4.3	0.21%	2026-06-24	2026-06-26
CVE-2025-53652	Jenkins Git Parameter Plugin 439.vb_0e46ca_14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters.	[email protected]	8.2	0.62%	2025-07-09	2026-06-17
CVE-2022-29040	Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.	[email protected]	5.4	0.78%	2022-04-12	2026-06-17
CVE-2020-2238	Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.	[email protected]	5.4	0.75%	2020-09-01	2026-06-16
CVE-2020-2113	Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission.	[email protected]	5.4	0.73%	2020-02-12	2026-06-16
CVE-2020-2112	Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission.	[email protected]	5.4	0.73%	2020-02-12	2026-06-16

cvelogic Threat Intelligence