Jenkins Git Client
By the Year
In 2024 there have been 0 vulnerabilities in Jenkins Git Client . Git Client did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 1 | 8.10 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 1 | 8.80 |
2018 | 0 | 0.00 |
It may take a day or so for new Git Client vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Git Client Security Vulnerabilities
Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories
CVE-2022-36881
8.1 - High
- July 27, 2022
Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks.
Improper Certificate Validation
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote'
CVE-2019-10392
8.8 - High
- September 12, 2019
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Git Client or by Jenkins? Click the Watch button to subscribe.