Jenkins Git Parameter

Do you want an email whenever new security vulnerabilities are reported in Jenkins Git Parameter?

By the Year

In 2024 there have been 0 vulnerabilities in Jenkins Git Parameter . Git Parameter did not have any published security vulnerabilities last year.

Year	Vulnerabilities	Average Score
2024	0	0.00
2023	0	0.00
2022	1	5.40
2021	0	0.00
2020	3	5.40
2019	0	0.00
2018	0	0.00

It may take a day or so for new Git Parameter vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Jenkins Git Parameter Security Vulnerabilities

Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters

CVE-2022-29040 5.4 - Medium - April 12, 2022

Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

XSS

Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page

CVE-2020-2238 5.4 - Medium - September 01, 2020

Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

XSS

Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI

CVE-2020-2112 5.4 - Medium - February 12, 2020

Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission.

XSS

Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI

CVE-2020-2113 5.4 - Medium - February 12, 2020

Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission.

XSS

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Jenkins Git Parameter or by Jenkins? Click the Watch button to subscribe.

Jenkins
Vendor

Jenkins Git Parameter
Product

By the Year

Recent Jenkins Git Parameter Security Vulnerabilities

Jenkins Git Parameter Plugin 0.9.15 and earlier does not escape the name and description of Git parameters on views displaying parameters CVE-2022-29040 5.4 - Medium - April 12, 2022

Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page CVE-2020-2238 5.4 - Medium - September 01, 2020

Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI CVE-2020-2112 5.4 - Medium - February 12, 2020

Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI CVE-2020-2113 5.4 - Medium - February 12, 2020