Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-36881 | 1 Jenkins | 1 Git Client | 2024-11-21 | N/A | 8.1 HIGH |
Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks. | |||||
CVE-2019-10392 | 1 Jenkins | 1 Git Client | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection. | |||||
CVE-2017-1000242 | 1 Jenkins | 1 Git Client | 2024-11-21 | 2.1 LOW | 3.3 LOW |
Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file with insecure permissions resulting in information disclosure |