Jenkins Git_client
6 CVEs affecting Jenkins Git_client. Latest disclosed: 2026-06-24. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-10392 | High | 8.8 | 2019-09-12 | Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting… |
CVE-2022-36881 | High | 8.1 | 2022-07-27 | Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle… |
CVE-2026-57282 | Medium | 5.0 | 2026-06-24 | Jenkins Git client Plugin 6.6.0 and earlier does not correctly escape the workspace directory name when it is embedded into a generated SSH wrapper script, all… |
CVE-2025-67640 | Medium | 5.0 | 2025-12-10 | Jenkins Git client Plugin 6.4.0 and earlier does not not correctly escape the path to the workspace directory as part of an argument in a temporary shell scrip… |
CVE-2025-58458 | Medium | 4.3 | 2025-09-03 | In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path… |
CVE-2017-1000242 | Low | 3.3 | 2017-11-01 | Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file with insecure permissions resulting in information disclosure |