Git Client Security Vulnerabilities and Issues — Git Client CVE List

Lucene search

JenkinsGit Client

4 matches found

CVE•added 2019/09/12 2:15 p.m.•167 views

CVE-2019-10392

Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.

8.8CVSS8.8AI score0.84573EPSS

CVE•added 2022/07/27 3:15 p.m.•123 views

CVE-2022-36881

Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks.

8.1CVSS7.8AI score0.00645EPSS

CVE•added 2017/11/01 1:29 p.m.•66 views

CVE-2017-1000242

Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file with insecure permissions resulting in information disclosure

3.3CVSS3.8AI score0.00007EPSS

CVE•added 2025/09/03 3:15 p.m.•5 views

CVE-2025-58458

In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check for...

4.3CVSS6.2AI score0.00147EPSS