CVE-2022-36908

A cross-site request forgery CSRF vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system to an...

CVE-2022-36909

A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system ...

CVE-2022-36909

A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system ...

CVE-2022-36909

A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system ...

CVE-2022-36881

Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks...

CVE-2022-36881

Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks...

CVE-2022-36881

Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks...

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system to an...

Design/Logic Flaw

A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system ...

Design/Logic Flaw

Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks...

CVE-2022-36909

A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system ...

CVE-2022-36908

A cross-site request forgery CSRF vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system to an...

CVE-2022-36881

Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks...

CVE-2022-36881

CVE-2022-36881 affects Jenkins Git client plugin and is disclosed across multiple sources (including GHSA and OSV). The issue: Git client plugin 3.11.0 and older does not perform SSH host key verification when connecting to Git repositories over SSH, enabling Man-in-the-Middle attacks. Impact des...

CVE-2022-36881

Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks...

PT-2022-4767 · Jenkins · Jenkins Openshift Deployer Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins OpenShift Deployer Plugin versions 1.2.0 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to check for the existence of an attacker-specified file path on the Jenkins controller file system and...

PT-2022-5099 · Jenkins · Jenkins Openshift Deployer Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins OpenShift Deployer Plugin versions 1.2.0 and earlier Description: A missing permission check in the Jenkins OpenShift Deployer Plugin allows attackers with Overall/Read permission to check for the existence of an attacker-specified fi...

Jenkins OpenShift Deployer Plugin 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A cross-site request...

Jenkins OpenShift Deployer Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

Jenkins Git client Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...