CVE-2022-36884
maven/org.jenkins-ci.plugins/git
Exposure of Sensitive Information to an Unauthorized Actor
The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.
All versions up to 4.11.3
Unfortunately, there is no solution available yet.
2022-08-04
source |