vulnerability
Red Hat OpenShift: CVE-2022-36881: jenkins-plugin: Man-in-the-Middle (MitM) in org.jenkins-ci.plugins:git-client
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Jul 27, 2022 | Nov 18, 2022 | Aug 11, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Jul 27, 2022
Added
Nov 18, 2022
Modified
Aug 11, 2025
Description
Jenkins Git client Plugin 3.11.0 and earlier does not perform SSH host key verification when connecting to Git repositories via SSH, enabling man-in-the-middle attacks.
Solution
linuxrpm-upgrade-jenkins-2-plugins
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.