Lucene search

K

GoogleOSV:GHSA-2J5W-CWC3-8HXW

HistoryMay 24, 2022 - 5:03 p.m.

Improper Certificate Validation in Jenkins Spira Importer Plugin

2022-05-2417:03:47

Google

osv.dev

11

jenkins

spira importer plugin

ssl/tls

EPSS

0.001

Percentile

46.5%

Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM.

References

www.openwall.com/lists/oss-security/2019/12/17/1

jenkins.io/security/advisory/2019-12-17/#SECURITY-1580

nvd.nist.gov/vuln/detail/CVE-2019-16558

EPSS

0.001

Percentile

46.5%

Related for OSV:GHSA-2J5W-CWC3-8HXW

github1 cvelist1 alpinelinux1 cve1 prion1 nvd1