Vulnerabilities (CVE)

Filtered by vendor Jenkins Subscribe
Filtered by product Git Client
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36881 1 Jenkins 1 Git Client 2024-11-21 N/A 8.1 HIGH
Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks.
CVE-2019-10392 1 Jenkins 1 Git Client 2024-11-21 6.5 MEDIUM 8.8 HIGH
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
CVE-2017-1000242 1 Jenkins 1 Git Client 2024-11-21 2.1 LOW 3.3 LOW
Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file with insecure permissions resulting in information disclosure