CVE-2019-10392
Published: 2019-09-12
Priority: P2 · 63 · Severity: high · CVSS 3.1 base score: 8.8
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 25.78% (97.7th percentile)
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
Affected (12 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | aqua_security_serverless_scanner_plugin | — | — |
| jenkins | beaker_builder_plugin | — | — |
| jenkins | build_environment_plugin | — | — |
| jenkins | dashboard_view_plugin | — | — |
| jenkins | git_client | <= 2.8.4 | — |
| jenkins | git_client | — | — |
| jenkins | git_client_plugin | — | — |
| jenkins | git_plugin | — | — |
| jenkins | sandbox_protection_in_script_security_plugin | — | — |
| jenkins | script_security_plugin | — | — |
| jenkins | users_of_git_client_plugin | — | — |
| jenkins_project | jenkins_git_client_plugin | — | — |
Detection & IOCs (extracted from sources)
- Monitor for 'git ls-remote' invocations with suspicious or shell-metacharacter-containing URL arguments, which may indicate OS command injection attempts via Jenkins Git Client Plugin
- Refer to the Jenkins security advisory for SECURITY-1534 for detailed exploitation patterns and patch guidance
- Vulnerable versions are Jenkins Git Client Plugin 2.8.4 and earlier, and the 3.0.0-rc release candidate; ensure upgrades target a fixed version beyond these
CVSS provenance
- nvd (v3.1): 8.8 HIGH, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- nvd (v2.0): 6.5 MEDIUM, AV:N/AC:L/Au:S/C:P/I:P/A:P
- vendor_redhat: 8.8 HIGH
OSV
Improper Neutralization of Special Elements used in an OS Command in Jenkins Git Client Plugin
osv · 2022-05-24 · HIGH
Jenkins Git Client Plugin 2.8.4 and earlier did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
GHSA
Improper Neutralization of Special Elements used in an OS Command in Jenkins Git Client Plugin
ghsa · 2022-05-24 · HIGH · CWE-78
Jenkins Git Client Plugin 2.8.4 and earlier did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
Jenkins
Jenkins Security Advisory 2019-09-12
vendor_jenkins · 2019-09-12 · HIGH · CVSS 8.8
This advisory announces vulnerabilities in the following Jenkins deliverables:
- Aqua Security Serverless Scanner Plugin
- Beaker builder Plugin
- Build Environment Plugin
- Dashboard View Plugin
- Git client Plugin
- Script Security Plugin
Descriptions
Sys
Red Hat
jenkins-git-client-plugin: OS command injection via 'git ls-remote'
vendor_redhat · 2019-09-12 · HIGH · CVSS 8.8 · CWE-78
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2019-10392 jenkins-git-client-plugin: OS command injection via 'git ls-remote'
bugzilla · 2020-04-01 · HIGH · CVSS 8.8
Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
Reference:
http://www.openwall.com/lists/oss-security/2019/09/12/2
Discussion:
External References:
https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1534
---
Fixed in OpenShift Container Platform 4 in the below advisories:
https://access.redhat.com/errata/RHBA-2020:0527
https://access.redhat.com/errata/RHBA-2020:0522
https://access.redhat.com/errata/RHBA-2020:0690
---
This issue has been addressed in the following products:
Red Hat OpenShift Container Platform 3.11
Via RHSA-2020:2478 https://access.redhat.
Bugzilla
CVE-2018-10392 libvorbis: heap buffer overflow in mapping0_forward function
bugzilla · 2018-05-02 · HIGH · CVSS 8.8
A flaw was found in libvorbis 1.3.6. The mapping0_forward function in mapping0.c file in Xiph.Org does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) via a crafted file.
References:
https://gitlab.xiph.org/xiph/vorbis/issues/2335
Discussion:
Created libvorbis tracking bugs for this issue:
Affects: fedora-all [bug 1574199]
Created mingw-libvorbis tracking bugs for this issue:
Affects: epel-7 [bug 1574198]
Affects: fedora-all [bug 1574200]
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2019:3703 https://access.redhat.com/errata/RHSA-2019:3703
---
This bug is now c
Published: 2019-09-12