VYPR
High severity8.2NVD Advisory· Published Jul 9, 2025· Updated Jun 17, 2026

CVE-2025-53652

CVE-2025-53652

Description

Jenkins Git Parameter Plugin 439.vb_0e46ca_14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.jenkins-ci.tools:git-parameterMaven
< 444.vca444.vca

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

1