Fedora Account System
Red Hat Associate
Red Hat Customer
The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository. https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.8 Via RHSA-2023:0017 https://access.redhat.com/errata/RHSA-2023:0017
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-36884
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.10 Via RHSA-2023:0560 https://access.redhat.com/errata/RHSA-2023:0560
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.9 Via RHSA-2023:0777 https://access.redhat.com/errata/RHSA-2023:0777