daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Auto Generated CVE annotations [Tue Aug 9 10:01:47 UTC 2022] 🤖

patch-1
GitHub Action 2022-08-09 10:01:47 +00:00
parent e2ae218d70
commit ad775a66e4
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cves/2022/CVE-2022-36883.yaml
View File

@ -1,8 +1,8 @@
id: CVE-2022-36883 id: CVE-2022-36883
info: info:
name: Git Plugin up to 4.11.3 on Jenkins Build Authorization name: Git Plugin up to 4.11.3 on Jenkins Build Authorization
severity: high
author: c-sh0 author: c-sh0
severity: high
description: A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit. description: A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
reference: reference:
- https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284 - https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284
@ -14,8 +14,8 @@ info:
cve-id: CVE-2022-36883 cve-id: CVE-2022-36883
cwe-id: CWE-862 cwe-id: CWE-862
metadata: metadata:
verified: true shodan-query: X-Jenkins
shodan-query: "X-Jenkins" verified: "true"
tags: cve,cve2022,jenkins,plugin,git tags: cve,cve2022,jenkins,plugin,git
requests: requests: