Skip to content

Update dependency org.jenkins-ci.plugins:git-client to v6 #764

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
mend-for-github-com wants to merge 1 commit into
base: main
Choose a base branch
from

Update dependency org.jenkins-ci.plugins:git-client to v6

4bbe6db
Select commit
Loading
Failed to load commit list.
Open

Update dependency org.jenkins-ci.plugins:git-client to v6 #764

Update dependency org.jenkins-ci.plugins:git-client to v6
4bbe6db
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / Mend Security Check failed Nov 27, 2025 in 1m 35s

Security Report

You have successfully remediated 17 vulnerabilities, but introduced 2 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability Severity CVSS Score Vulnerable Library Direct Library Suggested Fix Issue
CVE-2025-8916

Path to dependency file: /build.gradle

Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.bouncycastle/bcpkix-jdk18on/1.78.1/17b3541f736df97465f87d9f5b5dfa4991b37bb3/bcpkix-jdk18on-1.78.1.jar

Dependency Hierarchy:

-> ❌ bcpkix-jdk18on-1.78.1.jar (Vulnerable Library)

Medium 5.3 Direct bcpkix-jdk18on-1.78.1.jar bcpkix-jdk18on-1.78.1.jar org.bouncycastle:bcpkix-fips:2.0.8,https://github.com/bcgit/bc-java.git - r1rv79,org.bouncycastle:bcprov-debug-jdk18on:1.79,org.bouncycastle:bcprov-debug-jdk15to18:1.79,org.bouncycastle:bcprov-ext-jdk15to18:1.79,org.bouncycastle:bcprov-jdk15to18:1.79,org.bouncycastle:bcprov-jdk14:1.79,org.bouncycastle:bcprov-ext-jdk18on:1.79,org.bouncycastle:bcpkix-fips:1.0.8,org.bouncycastle:bcprov-jdk18on:1.79,org.bouncycastle:bcprov-ext-jdk14:1.79,org.bouncycastle:bcprov-debug-jdk14:1.79 None
CVE-2025-58458

Path to dependency file: /build.gradle

Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/git-client/6.1.4/f136ff5969daeee18d11438d177afa3e34f11afd/git-client-6.1.4.jar

Dependency Hierarchy:

-> ❌ git-client-6.1.4.jar (Vulnerable Library)

Medium 4.3 Direct git-client-6.1.4.jar git-client-6.1.4.jar org.jenkins-ci.plugins:git-client:6.1.4,org.jenkins-ci.plugins:git-client:6.3.3,org.jenkins-ci.plugins:git-client:6.2.1,https://github.com/jenkinsci/git-client-plugin.git - git-client-6.3.3 None

✔️ Remediated vulnerabilities:

Vulnerability Vulnerable Library
CVE-2023-35887 sshd-common-2.5.1.jar
CVE-2024-34144 script-security-1244.ve463715a_f89c.jar
CVE-2024-47805 credentials-1112.vc87b_7a_3597f6.jar
CVE-2025-58458 git-client-3.11.1.jar
CVE-2023-4759 org.eclipse.jgit-5.13.0.202109080827-r.jar
CVE-2024-39458 structs-324.va_f5d6774f3a_d.jar
CVE-2023-48795 sshd-core-2.5.1.jar
CVE-2024-41909 sshd-common-2.5.1.jar
CVE-2022-45047 sshd-common-2.5.1.jar
CVE-2023-35887 sshd-core-2.5.1.jar
CVE-2022-45047 sshd-core-2.5.1.jar
CVE-2024-52549 script-security-1244.ve463715a_f89c.jar
CVE-2024-41909 sshd-core-2.5.1.jar
CVE-2024-34145 script-security-1244.ve463715a_f89c.jar
CVE-2021-30129 sshd-core-2.5.1.jar
CVE-2025-4949 org.eclipse.jgit-5.13.0.202109080827-r.jar
CVE-2023-48795 sshd-common-2.5.1.jar

Base branch total remaining vulnerabilities: 70
Base branch commit: d0926780ff61399b5736da3b72f2b8c585f02ff2


Total libraries scanned: 261

Scan token: 457bb754732d40e28073fca246c58973

View more details on Mend for GitHub.com