cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-36881,https://securityvulnerability.io/vulnerability/CVE-2022-36881,SSH Host Key Verification Bypass in Jenkins Git Client Plugin,"The Jenkins Git Client Plugin prior to version 3.11.0 lacks SSH host key verification when establishing connections to Git repositories via SSH. This security oversight makes it possible for attackers to execute man-in-the-middle attacks, thereby potentially intercepting or manipulating data transmitted between Jenkins and the target Git repository. Proper host key verification is crucial to ensure the authenticity of the repository and prevent unauthorized access, making it essential for users of affected versions to upgrade to mitigate this risk.",Jenkins,Jenkins Git Client Plugin,8.1,HIGH,0.0014400000218302011,false,,false,false,false,,,false,false,,2022-07-27T14:20:49.000Z,0
CVE-2019-10392,https://securityvulnerability.io/vulnerability/CVE-2019-10392,,"Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.",Jenkins,Jenkins Git Client Plugin,8.8,HIGH,0.9242200255393982,false,,false,false,true,2019-09-26T05:45:00.000Z,true,false,false,,2019-09-12T13:55:15.000Z,0