CVE-2022-36884

Summary

The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Git Pluginunspecified <= 4.11.3affected
Jenkins projectJenkins Git Plugin4.9.3unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References