Advisory Database
  • Advisories
  • Dependency Scanning
  1. maven
  2. ›
  3. org.jenkins-ci.plugins/git-server
  4. ›
  5. CVE-2024-23899

CVE-2024-23899: Arbitrary file read vulnerability in Git server Plugin can lead to RCE

January 24, 2024 (updated June 4, 2025)

Jenkins Git server Plugin uses the args4j library to parse command arguments and options on the Jenkins controller when processing Git commands received via SSH. This command parser has a feature that replaces an @ character followed by a file path in an argument with the file’s contents (expandAtFiles). This feature is enabled by default and Git server Plugin 99.va_0826a_b_cdfa_d and earlier does not disable it.

This allows attackers with Overall/Read permission to read the first two lines of arbitrary files on the Jenkins controller file system using the default character encoding of the Jenkins controller process.

See SECURITY-3314 for further information about the potential impact of being able to read files on the Jenkins controller, as well as the limitations for reading binary files. Note that for this issue, unlike SECURITY-3314, attackers need Overall/Read permission.

References

  • github.com/advisories/GHSA-vph5-2q33-7r9h
  • github.com/jenkinsci/git-server-plugin
  • github.com/jenkinsci/git-server-plugin/commit/068ac7cc2574882ef9f5a486e001228a71d881ad
  • nvd.nist.gov/vuln/detail/CVE-2024-23899
  • www.jenkins.io/security/advisory/2024-01-24/

Code Behaviors & Features

Detect and mitigate CVE-2024-23899 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →

Affected versions

All versions before 99.101.v720e86326c09

Fixed versions

  • 99.101.v720e86326c09

Solution

Upgrade to version 99.101.v720e86326c09 or above.

Impact 6.5 MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Learn more about CVSS

Weakness

  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Source file

maven/org.jenkins-ci.plugins/git-server/CVE-2024-23899.yml

Spotted a mistake? Edit the file on GitLab.

  • Site Repo
  • About GitLab
  • Terms
  • Privacy Statement
  • Contact

Page generated Thu, 04 Sep 2025 00:19:33 +0000.