pkg:maven/org.jenkins-ci.plugins/git

Type maven

Namespace org.jenkins-ci.plugins

Name git

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/git package.

Repository: https://mvnrepository.com/artifact/org.jenkins-ci.plugins/git

High 3

Moderate 9

Medium 4

Low 3

Type	Version	# CVEs	# Advisory ID	Title	Severity	Published
Affected	<= 3.9.1	CVE-2019-1003010	JENKINS:SECURITY-1095	CSRF vulnerability in Git Plugin	low	2019-01-28T00:00:00 (5 years ago)
Fixed	= 3.9.2	CVE-2019-1003010	JENKINS:SECURITY-1095	CSRF vulnerability in Git Plugin	low	2019-01-28T00:00:00 (5 years ago)
Affected	<= 4.2.0	CVE-2020-2136	JENKINS:SECURITY-1723	Stored XSS vulnerability in `git`	medium	2020-03-09T00:00:00 (4 years ago)
Fixed	= 4.2.1	CVE-2020-2136	JENKINS:SECURITY-1723	Stored XSS vulnerability in `git`	medium	2020-03-09T00:00:00 (4 years ago)
Affected	<= 4.11.1	CVE-2022-30947 CVE-2022-30948 CVE-2022-30949	JENKINS:SECURITY-2478	Multiple SCM plugins can check out from the controller file system	low	2022-05-17T00:00:00 (2 years ago)
Fixed	= 4.11.2	CVE-2022-30947 CVE-2022-30948 CVE-2022-30949	JENKINS:SECURITY-2478	Multiple SCM plugins can check out from the controller file system	low	2022-05-17T00:00:00 (2 years ago)
Affected	<= 4.8.2	CVE-2021-21684	JENKINS:SECURITY-2499	Stored XSS vulnerability in `git`	high	2021-10-06T00:00:00 (2 years ago)
Fixed	= 4.8.3	CVE-2021-21684	JENKINS:SECURITY-2499	Stored XSS vulnerability in `git`	high	2021-10-06T00:00:00 (2 years ago)
Affected	<= 4.11.4	CVE-2022-38663	JENKINS:SECURITY-2796	Improper masking of credentials in `git`	medium	2022-08-23T00:00:00 (2 years ago)
Fixed	= 4.11.5	CVE-2022-38663	JENKINS:SECURITY-2796	Improper masking of credentials in `git`	medium	2022-08-23T00:00:00 (2 years ago)
Affected	<= 4.11.3	CVE-2022-36882 CVE-2022-36883 CVE-2022-36884	JENKINS:SECURITY-284	Lack of authentication mechanism in `git` webhook	medium	2022-07-27T00:00:00 (2 years ago)
Fixed	= 4.11.4	CVE-2022-36882 CVE-2022-36883 CVE-2022-36884	JENKINS:SECURITY-284	Lack of authentication mechanism in `git` webhook	medium	2022-07-27T00:00:00 (2 years ago)
Affected	<= 3.9.0	CVE-2018-1000182	JENKINS:SECURITY-810	Server-side request forgery vulnerability in Git Plugin	medium	2018-06-04T00:00:00 (6 years ago)
Fixed	= 3.9.1	CVE-2018-1000182	JENKINS:SECURITY-810	Server-side request forgery vulnerability in Git Plugin	medium	2018-06-04T00:00:00 (6 years ago)
Affected	<= 4.11.3	CVE-2022-36884	MAVEN:GHSA-449W-C77C-VMF6	Lack of authentication mechanism in Jenkins Git Plugin webhook	moderate	2022-07-28T00:00:43 (2 years ago)
Fixed	= 4.11.4	CVE-2022-36884	MAVEN:GHSA-449W-C77C-VMF6	Lack of authentication mechanism in Jenkins Git Plugin webhook	moderate	2022-07-28T00:00:43 (2 years ago)
Affected	<= 3.7.0	CVE-2018-1000110	MAVEN:GHSA-46P2-FWQG-3H6M	Incorrect Authorization in Jenkins Git Plugin	moderate	2022-05-13T01:48:31 (2 years ago)
Fixed	= 3.8.0	CVE-2018-1000110	MAVEN:GHSA-46P2-FWQG-3H6M	Incorrect Authorization in Jenkins Git Plugin	moderate	2022-05-13T01:48:31 (2 years ago)
Affected	<= 3.9.0	CVE-2018-1000182	MAVEN:GHSA-53WF-VQF9-CGF2	Server-Side Request Forgery in Jenkins Git Plugin	moderate	2022-05-14T03:13:26 (2 years ago)
Fixed	= 3.9.1	CVE-2018-1000182	MAVEN:GHSA-53WF-VQF9-CGF2	Server-Side Request Forgery in Jenkins Git Plugin	moderate	2022-05-14T03:13:26 (2 years ago)
Affected	<= 4.2.0	CVE-2020-2136	MAVEN:GHSA-6C7R-6P5M-CP82	Improper Neutralization of Input During Web Page Generation in Jenkins Git Plugin	moderate	2022-05-24T17:10:27 (2 years ago)
Fixed	= 4.2.1	CVE-2020-2136	MAVEN:GHSA-6C7R-6P5M-CP82	Improper Neutralization of Input During Web Page Generation in Jenkins Git Plugin	moderate	2022-05-24T17:10:27 (2 years ago)
Affected	<= 4.11.1	CVE-2022-30947	MAVEN:GHSA-84CM-VJWM-M979	Path traversal in Jenkins Git Mercurial and Repo Plugins	high	2022-05-18T00:00:39 (2 years ago)
Fixed	= 4.11.2	CVE-2022-30947	MAVEN:GHSA-84CM-VJWM-M979	Path traversal in Jenkins Git Mercurial and Repo Plugins	high	2022-05-18T00:00:39 (2 years ago)
Affected	< 4.11.2	CVE-2022-30949	MAVEN:GHSA-8VFC-FCR2-47PJ	Path traversal in Jenkins REPO Plugin	low	2022-05-18T00:00:40 (2 years ago)
Fixed	= 4.11.2	CVE-2022-30949	MAVEN:GHSA-8VFC-FCR2-47PJ	Path traversal in Jenkins REPO Plugin	low	2022-05-18T00:00:40 (2 years ago)
Affected	<= 4.11.3	CVE-2022-36882	MAVEN:GHSA-8XWJ-2WGH-GPRH	Lack of authentication mechanism in Jenkins Git Plugin webhook	moderate	2022-07-28T00:00:43 (2 years ago)
Fixed	= 4.11.4	CVE-2022-36882	MAVEN:GHSA-8XWJ-2WGH-GPRH	Lack of authentication mechanism in Jenkins Git Plugin webhook	moderate	2022-07-28T00:00:43 (2 years ago)
Affected	<= 4.8.2	CVE-2021-21684	MAVEN:GHSA-GGHC-G8CJ-4VFV	Stored XSS vulnerability in Jenkins Git Plugin	moderate	2022-05-24T19:16:59 (2 years ago)
Fixed	= 4.8.3	CVE-2021-21684	MAVEN:GHSA-GGHC-G8CJ-4VFV	Stored XSS vulnerability in Jenkins Git Plugin	moderate	2022-05-24T19:16:59 (2 years ago)
Affected	< 4.11.5	CVE-2022-38663	MAVEN:GHSA-JXMW-3GXF-FPRH	Improper masking of credentials Jenkins in Git Plugin	moderate	2022-08-24T00:00:28 (2 years ago)
Fixed	= 4.11.5	CVE-2022-38663	MAVEN:GHSA-JXMW-3GXF-FPRH	Improper masking of credentials Jenkins in Git Plugin	moderate	2022-08-24T00:00:28 (2 years ago)
Affected	<= 3.9.1	CVE-2019-1003010	MAVEN:GHSA-R8RW-XX57-M64Q	Cross-Site Request Forgery in Jenkins Git Plugin	moderate	2022-05-14T01:06:45 (2 years ago)
Fixed	= 3.9.2	CVE-2019-1003010	MAVEN:GHSA-R8RW-XX57-M64Q	Cross-Site Request Forgery in Jenkins Git Plugin	moderate	2022-05-14T01:06:45 (2 years ago)
Affected	< 3.2.2	CVE-2017-1000092	MAVEN:GHSA-RF5Q-8GX3-XQFC	Cross-Site Request Forgery in Jenkins Git Plugin	high	2022-05-17T00:33:22 (2 years ago)
Fixed	= 3.3.2	CVE-2017-1000092	MAVEN:GHSA-RF5Q-8GX3-XQFC	Cross-Site Request Forgery in Jenkins Git Plugin	high	2022-05-17T00:33:22 (2 years ago)
Affected	<= 4.11.3	CVE-2022-36883	MAVEN:GHSA-V878-67XW-GRW2	Lack of authentication mechanism in Jenkins Git Plugin webhook	moderate	2022-07-28T00:00:43 (2 years ago)
Fixed	= 4.11.4	CVE-2022-36883	MAVEN:GHSA-V878-67XW-GRW2	Lack of authentication mechanism in Jenkins Git Plugin webhook	moderate	2022-07-28T00:00:43 (2 years ago)