Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git git vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-36883
A missing permission check in Jenkins Git Plugin 4.11.3 and previous versions allows unauthenticated malicious users to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
Jenkins Git
5.3
CVSSv3
CVE-2022-36884
The webhook endpoint in Jenkins Git Plugin 4.11.3 and previous versions provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.
Jenkins Git
6.5
CVSSv3
CVE-2022-38663
Jenkins Git Plugin 4.11.4 and previous versions does not properly mask (i.e., replace with asterisks) credentials in the build log provided by the Git Username and Password (`gitUsernamePassword`) credentials binding.
Jenkins Git
6.4
CVSSv3
CVE-2018-1000182
A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a G...
Jenkins Git
6.1
CVSSv3
CVE-2021-21684
Jenkins Git Plugin 4.8.2 and previous versions does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting (XSS) vulnerability.
Jenkins Git
7.5
CVSSv3
CVE-2022-30947
Jenkins Git Plugin 4.11.1 and previous versions allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, obtaining limited information about other projects' SCM contents...
Jenkins Git
7.5
CVSSv3
CVE-2021-46101
In Git for windows up to and including 2.34.1 when using git pull to update the local warehouse, git.cmd can be run directly.
Gitforwindows Git
7.4
CVSSv3
CVE-2021-34599
Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in HTTPS handshakes. CODESYS Git does not implement certificate validation by default, so it does not verify that the server provides a valid and trusted HTTPS certificate. Since the certif...
Codesys Git
NA
CVE-2015-7082
Multiple unspecified vulnerabilities in Git prior to 2.5.4, as used in Apple Xcode prior to 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases.
Git Project Git
5.3
CVSSv3
CVE-2018-1000110
An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and previous versions in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users.
Jenkins Git
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »