Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories.
[
{
"cpes": [
"cpe:2.3:a:jenkins:git_server:*:*:*:*:*:jenkins:*:*"
],
"vendor": "jenkins",
"product": "git_server",
"versions": [
{
"status": "affected",
"version": "*"
}
],
"defaultStatus": "unknown"
}
]