CVE-2022-36884

Exposure of Sensitive Information to an Unauthorized Actor in maven/org.jenkins-ci.plugins/git

Identifiers

CVE-2022-36884

Package Slug

maven/org.jenkins-ci.plugins/git

Vulnerability

Exposure of Sensitive Information to an Unauthorized Actor

Description

The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.

Affected Versions

All versions up to 4.11.3

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-08-04

source