2 matches found
CVE-2018-1000110 affecting package git 2.23.3-1
CVE-2018-1000110 affecting package git 2.23.3-1. An upgraded version of the package is available that resolves this issue...
CVE-2018-1000110
The CVE-2018-1000110 entry concerns the Jenkins Git Plugin (v3.7.0 and earlier). Root cause: GitStatus.java contains improper authorization, allowing an attacker with network access to enumerate a list of nodes and users via search endpoints (e.g., /search/suggest?query=x and /search/?q=x). Impac...