org.jenkins-ci.tools:git-parameter
Maven5 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.jenkins-ci.tools:git-parameterpage 1 of 1
- CVE-2020-2112MEDIUMCVSS 5.4EG 5.4✓ Fixed in 0.9.122020-02-12
vulnerable: 0.4.0 ... 0.9.9 (23 versions)
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission.
- CVE-2020-2113MEDIUMCVSS 5.4EG 5.4✓ Fixed in 0.9.122020-02-12
vulnerable: 0.4.0 ... 0.9.9 (23 versions)
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission.
- CVE-2020-2238MEDIUMCVSS 5.4EG 5.4✓ Fixed in 0.9.132020-09-01
vulnerable: 0.4.0 ... 0.9.9 (24 versions)
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
- CVE-2022-29040MEDIUMCVSS 5.4EG 5.4✓ Fixed in 0.9.162022-04-12
vulnerable: 0.4.0 ... 0.9.9 (27 versions)
Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Co…
- CVE-2025-53652HIGHCVSS 8.2EG 8.2✓ Fixed in 444.vca2025-07-09
vulnerable: 0.10.0 ... 439.vb_0e46ca_14534 (35 versions)
Jenkins Git Parameter Plugin 439.vb_0e46ca_14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values…
Check whether org.jenkins-ci.tools:git-parameter is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.jenkins-ci.tools:git-parameter CVEs against the assets you own.
Start Free Scan →