Vulnerabilites related to Jenkins project - Jenkins Git Client Plugin
CVE-2025-58458 (GCVE-0-2025-58458)
Vulnerability from cvelistv5
Published
2025-09-03 15:02
Modified
2025-09-05 07:08
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying `amazon-s3` protocol for use with JGit, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.jenkins.io/security/advisory/2025-09-03/#SECURITY-3590 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Jenkins Project | Jenkins Git client Plugin |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-58458",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T15:39:03.501942Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-538",
"description": "CWE-538 Insertion of Sensitive Information into Externally-Accessible File or Directory",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T15:45:52.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Jenkins Git client Plugin",
"vendor": "Jenkins Project",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "6.3.3",
"versionType": "maven"
},
{
"lessThan": "6.1.*",
"status": "unaffected",
"version": "6.1.4",
"versionType": "maven"
},
{
"lessThan": "6.2.*",
"status": "unaffected",
"version": "6.2.1",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying `amazon-s3` protocol for use with JGit, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system."
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T07:08:01.133Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "Jenkins Security Advisory 2025-09-03",
"tags": [
"vendor-advisory"
],
"url": "https://www.jenkins.io/security/advisory/2025-09-03/#SECURITY-3590"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2025-58458",
"datePublished": "2025-09-03T15:02:26.231Z",
"dateReserved": "2025-09-02T12:44:16.983Z",
"dateUpdated": "2025-09-05T07:08:01.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10392 (GCVE-0-2019-10392)
Vulnerability from cvelistv5
Published
2019-09-12 13:55
Modified
2024-08-04 22:17
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1534 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2019/09/12/2 | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Jenkins project | Jenkins Git Client Plugin |
Version: 2.8.4 and earlier, 3.0.0-rc |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:17:20.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1534"
},
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Git Client Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "2.8.4 and earlier, 3.0.0-rc"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of \u0027git ls-remote\u0027, resulting in OS command injection."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:48:44.099Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1534"
},
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2019-10392",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Git Client Plugin",
"version": {
"version_data": [
{
"version_value": "2.8.4 and earlier, 3.0.0-rc"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of \u0027git ls-remote\u0027, resulting in OS command injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1534",
"refsource": "MISC",
"url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1534"
},
{
"name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-10392",
"datePublished": "2019-09-12T13:55:15",
"dateReserved": "2019-03-29T00:00:00",
"dateUpdated": "2024-08-04T22:17:20.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36881 (GCVE-0-2022-36881)
Vulnerability from cvelistv5
Published
2022-07-27 14:20
Modified
2024-08-03 10:14
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1468 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2022/07/27/1 | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Jenkins project | Jenkins Git client Plugin |
Version: unspecified < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:14:29.073Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1468"
},
{
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins Git client Plugin",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "3.11.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "3.10.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T14:23:53.879Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1468"
},
{
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2022-36881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins Git client Plugin",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "3.11.0"
},
{
"version_affected": "!",
"version_value": "3.10.0.1"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-322: Key Exchange without Entity Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1468",
"refsource": "CONFIRM",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1468"
},
{
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2022-36881",
"datePublished": "2022-07-27T14:20:49",
"dateReserved": "2022-07-27T00:00:00",
"dateUpdated": "2024-08-03T10:14:29.073Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}