VYPR

Git server Plugin

by Jenkins Project

Source repositories

CVEs (2)

  • CVE-2024-34146May 2, 2024
    risk 0.00cvss epss 0.01

    Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories.

  • CVE-2024-23899Jan 24, 2024
    risk 0.00cvss epss 0.01

    Jenkins Git server Plugin 99.va_0826a_b_cdfa_d and earlier does not disable a feature of its command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing attackers with Overall/Read permission to read content from…