VYPR

Maven package

org.jenkins-ci.plugins/git-server

pkg:maven/org.jenkins-ci.plugins/git-server

Vulnerabilities (2)

  • CVE-2024-34146May 2, 2024
    affected < 117.vebfixed 117.veb

    Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories.

  • CVE-2024-23899Jan 24, 2024
    affected < 99.101.v720e86326c09fixed 99.101.v720e86326c09

    Jenkins Git server Plugin 99.va_0826a_b_cdfa_d and earlier does not disable a feature of its command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing attackers with Overall/Read permission to read content from arbitra