vulnerability
Red Hat OpenShift: CVE-2022-36881: jenkins-plugin: Man-in-the-Middle (MitM) in org.jenkins-ci.plugins:git-client
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Jul 27, 2022 | Nov 18, 2022 | Apr 14, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Jul 27, 2022
Added
Nov 18, 2022
Modified
Apr 14, 2025
Description
Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks.
Solution
linuxrpm-upgrade-jenkins-2-plugins
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.