Vulnerabilities > Jenkins > GIT > High

DATE CVE VULNERABILITY TITLE RISK
2022-07-27 CVE-2022-36882 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins GIT
A cross-site request forgery (CSRF) vulnerability in Jenkins Git Plugin 4.11.3 and earlier allows attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
network
low complexity
jenkins CWE-352
8.8
2022-07-27 CVE-2022-36883 Missing Authorization vulnerability in Jenkins GIT
A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
network
low complexity
jenkins CWE-862
7.5
2022-05-17 CVE-2022-30947 Unspecified vulnerability in Jenkins GIT
Jenkins Git Plugin 4.11.1 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, obtaining limited information about other projects' SCM contents.
network
low complexity
jenkins
7.5
2017-10-05 CVE-2017-1000092 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins GIT
Git Plugin connects to a user-specified Git repository as part of form validation.
network
high complexity
jenkins CWE-352
7.5