Lucene search

K
osvGoogleOSV:GHSA-HW6X-2QWV-RXR7
HistoryMay 24, 2022 - 4:55 p.m.

Improper Neutralization of Special Elements used in an OS Command in Jenkins Git Client Plugin

2022-05-2416:55:58
Google
osv.dev
6
os command injection
jenkins
git client plugin

EPSS

0.947

Percentile

99.3%

Jenkins Git Client Plugin 2.8.4 and earlier did not properly restrict values passed as URL argument to an invocation of β€˜git ls-remote’, resulting in OS command injection.