pkg:maven/org.jenkins-ci.plugins/git
Type
maven
Namespace
org.jenkins-ci.plugins
Name
git
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/git package.
High
3
Moderate
9
Medium
4
Low
3
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 3.9.1 |
CVE-2019-1003010
|
JENKINS:SECURITY-1095 | CSRF vulnerability in Git Plugin | low |
2019-01-28T00:00:00
(5 years ago) |
|
Fixed | = 3.9.2 |
CVE-2019-1003010
|
JENKINS:SECURITY-1095 | CSRF vulnerability in Git Plugin | low |
2019-01-28T00:00:00
(5 years ago) |
|
Affected | <= 4.2.0 |
CVE-2020-2136
|
JENKINS:SECURITY-1723 | Stored XSS vulnerability in `git` | medium |
2020-03-09T00:00:00
(4 years ago) |
|
Fixed | = 4.2.1 |
CVE-2020-2136
|
JENKINS:SECURITY-1723 | Stored XSS vulnerability in `git` | medium |
2020-03-09T00:00:00
(4 years ago) |
|
Affected | <= 4.11.1 |
CVE-2022-30947
CVE-2022-30948 CVE-2022-30949 |
JENKINS:SECURITY-2478 | Multiple SCM plugins can check out from the controller file system | low |
2022-05-17T00:00:00
(2 years ago) |
|
Fixed | = 4.11.2 |
CVE-2022-30947
CVE-2022-30948 CVE-2022-30949 |
JENKINS:SECURITY-2478 | Multiple SCM plugins can check out from the controller file system | low |
2022-05-17T00:00:00
(2 years ago) |
|
Affected | <= 4.8.2 |
CVE-2021-21684
|
JENKINS:SECURITY-2499 | Stored XSS vulnerability in `git` | high |
2021-10-06T00:00:00
(2 years ago) |
|
Fixed | = 4.8.3 |
CVE-2021-21684
|
JENKINS:SECURITY-2499 | Stored XSS vulnerability in `git` | high |
2021-10-06T00:00:00
(2 years ago) |
|
Affected | <= 4.11.4 |
CVE-2022-38663
|
JENKINS:SECURITY-2796 | Improper masking of credentials in `git` | medium |
2022-08-23T00:00:00
(2 years ago) |
|
Fixed | = 4.11.5 |
CVE-2022-38663
|
JENKINS:SECURITY-2796 | Improper masking of credentials in `git` | medium |
2022-08-23T00:00:00
(2 years ago) |
|
Affected | <= 4.11.3 |
CVE-2022-36882
CVE-2022-36883 CVE-2022-36884 |
JENKINS:SECURITY-284 | Lack of authentication mechanism in `git` webhook | medium |
2022-07-27T00:00:00
(2 years ago) |
|
Fixed | = 4.11.4 |
CVE-2022-36882
CVE-2022-36883 CVE-2022-36884 |
JENKINS:SECURITY-284 | Lack of authentication mechanism in `git` webhook | medium |
2022-07-27T00:00:00
(2 years ago) |
|
Affected | <= 3.9.0 |
CVE-2018-1000182
|
JENKINS:SECURITY-810 | Server-side request forgery vulnerability in Git Plugin | medium |
2018-06-04T00:00:00
(6 years ago) |
|
Fixed | = 3.9.1 |
CVE-2018-1000182
|
JENKINS:SECURITY-810 | Server-side request forgery vulnerability in Git Plugin | medium |
2018-06-04T00:00:00
(6 years ago) |
|
Affected | <= 4.11.3 |
CVE-2022-36884
|
MAVEN:GHSA-449W-C77C-VMF6 | Lack of authentication mechanism in Jenkins Git Plugin webhook | moderate |
2022-07-28T00:00:43
(2 years ago) |
|
Fixed | = 4.11.4 |
CVE-2022-36884
|
MAVEN:GHSA-449W-C77C-VMF6 | Lack of authentication mechanism in Jenkins Git Plugin webhook | moderate |
2022-07-28T00:00:43
(2 years ago) |
|
Affected | <= 3.7.0 |
CVE-2018-1000110
|
MAVEN:GHSA-46P2-FWQG-3H6M | Incorrect Authorization in Jenkins Git Plugin | moderate |
2022-05-13T01:48:31
(2 years ago) |
|
Fixed | = 3.8.0 |
CVE-2018-1000110
|
MAVEN:GHSA-46P2-FWQG-3H6M | Incorrect Authorization in Jenkins Git Plugin | moderate |
2022-05-13T01:48:31
(2 years ago) |
|
Affected | <= 3.9.0 |
CVE-2018-1000182
|
MAVEN:GHSA-53WF-VQF9-CGF2 | Server-Side Request Forgery in Jenkins Git Plugin | moderate |
2022-05-14T03:13:26
(2 years ago) |
|
Fixed | = 3.9.1 |
CVE-2018-1000182
|
MAVEN:GHSA-53WF-VQF9-CGF2 | Server-Side Request Forgery in Jenkins Git Plugin | moderate |
2022-05-14T03:13:26
(2 years ago) |
|
Affected | <= 4.2.0 |
CVE-2020-2136
|
MAVEN:GHSA-6C7R-6P5M-CP82 | Improper Neutralization of Input During Web Page Generation in Jenkins Git Plugin | moderate |
2022-05-24T17:10:27
(2 years ago) |
|
Fixed | = 4.2.1 |
CVE-2020-2136
|
MAVEN:GHSA-6C7R-6P5M-CP82 | Improper Neutralization of Input During Web Page Generation in Jenkins Git Plugin | moderate |
2022-05-24T17:10:27
(2 years ago) |
|
Affected | <= 4.11.1 |
CVE-2022-30947
|
MAVEN:GHSA-84CM-VJWM-M979 | Path traversal in Jenkins Git Mercurial and Repo Plugins | high |
2022-05-18T00:00:39
(2 years ago) |
|
Fixed | = 4.11.2 |
CVE-2022-30947
|
MAVEN:GHSA-84CM-VJWM-M979 | Path traversal in Jenkins Git Mercurial and Repo Plugins | high |
2022-05-18T00:00:39
(2 years ago) |
|
Affected | < 4.11.2 |
CVE-2022-30949
|
MAVEN:GHSA-8VFC-FCR2-47PJ | Path traversal in Jenkins REPO Plugin | low |
2022-05-18T00:00:40
(2 years ago) |
|
Fixed | = 4.11.2 |
CVE-2022-30949
|
MAVEN:GHSA-8VFC-FCR2-47PJ | Path traversal in Jenkins REPO Plugin | low |
2022-05-18T00:00:40
(2 years ago) |
|
Affected | <= 4.11.3 |
CVE-2022-36882
|
MAVEN:GHSA-8XWJ-2WGH-GPRH | Lack of authentication mechanism in Jenkins Git Plugin webhook | moderate |
2022-07-28T00:00:43
(2 years ago) |
|
Fixed | = 4.11.4 |
CVE-2022-36882
|
MAVEN:GHSA-8XWJ-2WGH-GPRH | Lack of authentication mechanism in Jenkins Git Plugin webhook | moderate |
2022-07-28T00:00:43
(2 years ago) |
|
Affected | <= 4.8.2 |
CVE-2021-21684
|
MAVEN:GHSA-GGHC-G8CJ-4VFV | Stored XSS vulnerability in Jenkins Git Plugin | moderate |
2022-05-24T19:16:59
(2 years ago) |
|
Fixed | = 4.8.3 |
CVE-2021-21684
|
MAVEN:GHSA-GGHC-G8CJ-4VFV | Stored XSS vulnerability in Jenkins Git Plugin | moderate |
2022-05-24T19:16:59
(2 years ago) |
|
Affected | < 4.11.5 |
CVE-2022-38663
|
MAVEN:GHSA-JXMW-3GXF-FPRH | Improper masking of credentials Jenkins in Git Plugin | moderate |
2022-08-24T00:00:28
(2 years ago) |
|
Fixed | = 4.11.5 |
CVE-2022-38663
|
MAVEN:GHSA-JXMW-3GXF-FPRH | Improper masking of credentials Jenkins in Git Plugin | moderate |
2022-08-24T00:00:28
(2 years ago) |
|
Affected | <= 3.9.1 |
CVE-2019-1003010
|
MAVEN:GHSA-R8RW-XX57-M64Q | Cross-Site Request Forgery in Jenkins Git Plugin | moderate |
2022-05-14T01:06:45
(2 years ago) |
|
Fixed | = 3.9.2 |
CVE-2019-1003010
|
MAVEN:GHSA-R8RW-XX57-M64Q | Cross-Site Request Forgery in Jenkins Git Plugin | moderate |
2022-05-14T01:06:45
(2 years ago) |
|
Affected | < 3.2.2 |
CVE-2017-1000092
|
MAVEN:GHSA-RF5Q-8GX3-XQFC | Cross-Site Request Forgery in Jenkins Git Plugin | high |
2022-05-17T00:33:22
(2 years ago) |
|
Fixed | = 3.3.2 |
CVE-2017-1000092
|
MAVEN:GHSA-RF5Q-8GX3-XQFC | Cross-Site Request Forgery in Jenkins Git Plugin | high |
2022-05-17T00:33:22
(2 years ago) |
|
Affected | <= 4.11.3 |
CVE-2022-36883
|
MAVEN:GHSA-V878-67XW-GRW2 | Lack of authentication mechanism in Jenkins Git Plugin webhook | moderate |
2022-07-28T00:00:43
(2 years ago) |
|
Fixed | = 4.11.4 |
CVE-2022-36883
|
MAVEN:GHSA-V878-67XW-GRW2 | Lack of authentication mechanism in Jenkins Git Plugin webhook | moderate |
2022-07-28T00:00:43
(2 years ago) |