6 matches found
CVE-2019-10392
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection...
Exploit for OS Command Injection in Jenkins Git_Client
CVE-2019-10392EXP Jenkins Git Client Authenticated RCE CVE-20...
Jenkins Git Client Plugin Remote Code Execution (CVE-2019-10392)
A remote code execution vulnerability exists in Jenkins Git Client Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2019-10392
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection...
CVE-2019-10392
CVE-2019-10392 affects Jenkins Git Client Plugin (versions ≤2.8.4 and 3.0.0-rc): improper restriction of values passed to git ls-remote enables OS command injection. Exploitation details are present in a public exploit repository (GitHub). NVD CVSSv3.1 base score 8.8 (HIGH). Connected advisories ...
CVE-2019-10392
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection...