Ecosystem	Package	Version

Vulnerabilities

CVE-2025-64133

CVE-2025-64133

A cross-site request forgery (CSRF) vulnerability in Jenkins Extensible Choice Parameter Plugin 239.v5f5c278708cf and earlier allows attackers to execute sandboxed Groovy code.

Published Oct 30, 2025

https://github.com/advisories/GHSA-3jw2-5hjg-hc2c

CVSS ScoreMedium

5.4

Ecosystem	Package	Version


maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.0.0
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.1.0
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.2.0
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.2.1
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.2.2
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.3.0
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.3.1
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.3.2
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.3.3
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.3.4
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.4.0
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.4.1
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.4.2
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.5.0
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.6.0
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.7.0
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.8.0
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	1.8.1
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	237.v51568f37b_78e
maven	jp.ikedam.jenkins.plugins/extensible-choice-parameter	239.v5f5c278708cf

CVE-2025-64133 | Components Impacted | Sonatype Guide | Sonatype Guide