vulnerability
Red Hat OpenShift: CVE-2022-36881: jenkins-plugin: Man-in-the-Middle (MitM) in org.jenkins-ci.plugins:git-client
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Jul 27, 2022 | Nov 18, 2022 | Mar 30, 2026 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Jul 27, 2022
Added
Nov 18, 2022
Modified
Mar 30, 2026
Description
Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks.
Solution
linuxrpm-upgrade-jenkins-2-plugins
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.