The Jenkins Git client Plugin fails to correctly escape the workspace directory name when it is inserted into a generated SSH wrapper script, permitting an attacker who can control that name to execute arbitrary operating system commands on the build agent. The flaw is an OS command injection that creates a clear path to full agent compromise, potentially leaking or modifying data, or further spreading the attack. The attack vector is inferred to require the attacker to supply or edit a job configuration that sets a custom workspace name. By providing a malicious value, the attacker can inject shell commands that are executed on the agent. While no EPSS score is available and the vulnerability is not listed in the CISA KEV catalog, the lack of mitigation in the plugin suggests the risk is high for environments that allow untrusted job configuration. The CVSS score is 5, indicating medium severity, but the nature of the flaw—remote code execution without additional authentication beyond job authorization—still poses a significant threat.

Jenkins Project: Jenkins Git client Plugin versions 6.6.0 and earlier are affected. No other Jenkins plugins or components are listed as impacted in the current advisory.

The vulnerability’s exploitation relies on an attacker’s ability to influence the workspace directory name. Although no exact exploitation probability is reported, the missing EPSS metric and absence from KEV imply that active exploitation is not widespread yet, but the potential for remote code execution is significant. The CVSS score of 5 reflects moderate severity, yet the possibility for remote code execution remains high. The plugin’s failure to escape input provides a straightforward command injection path for an attacker who can alter job settings.