org.jenkins-ci.plugins:git-server

Maven2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting org.jenkins-ci.plugins:git-serverpage 1 of 1

CVE-2024-23899MEDIUMCVSS 6.5EG 6.5✓ Fixed in 99.101.v720e86326c09
2024-01-24
vulnerable: 1.0 ... 99.va_0826a_b_cdfa_d (13 versions)
Jenkins Git server Plugin 99.va_0826a_b_cdfa_d and earlier does not disable a feature of its command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing attackers with Overall/Rea…
CVE-2024-34146MEDIUMCVSS 6.5EG 6.5✓ Fixed in 117.veb
2024-05-02
vulnerable: 1.0 ... 99.va_0826a_b_cdfa_d (15 versions)
Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission t…

Check whether org.jenkins-ci.plugins:git-server is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.jenkins-ci.plugins:git-server CVEs against the assets you own.

Start Free Scan →