Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins git client vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-10392
Jenkins Git Client Plugin 2.8.4 and previous versions and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
Jenkins Git Client 3.0.0
Jenkins Git Client
2 Github repositories
2.1
CVSSv2
CVE-2017-1000242
Jenkins Git Client Plugin 2.4.2 and previous versions creates temporary file with insecure permissions resulting in information disclosure
Jenkins Git Client
NA
CVE-2022-36881
Jenkins Git client Plugin 3.11.0 and previous versions does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks.
Jenkins Git Client
2.6
CVSSv2
CVE-2017-1000092
Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciou...
Jenkins Git 0.9.0
Jenkins Git 0.9.1
Jenkins Git 0.9.2
Jenkins Git 1.0.0
Jenkins Git 1.1.11
Jenkins Git 1.1.12
Jenkins Git 1.1.13
Jenkins Git 1.1.14
Jenkins Git 1.1.28
Jenkins Git 1.1.29
Jenkins Git 1.2.0
Jenkins Git 1.3.0
Jenkins Git 2.2.0
Jenkins Git 2.2.1
Jenkins Git 2.2.2
Jenkins Git 2.2.3
Jenkins Git 2.3.0
Jenkins Git 2.3.1
Jenkins Git 2.3.2
Jenkins Git 2.3.3
Jenkins Git 2.5.0
Jenkins Git 2.5.1
NA
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
8 Github repositories
1 Article
NA
CVE-2022-1705
Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid.
Golang Go
NA
CVE-2022-32148
Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the ...
Golang Go
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started