Lucene search
GoogleOSV:GHSA-QHXW-54M9-6WWCHistoryMay 14, 2022 - 3:45 a.m.
MitM on Jenkins Maven Plugin
2022-05-1403:45:43
Google
osv.dev
7
0.001 Low
EPSS
Percentile
51.3%
Jenkins Maven Plugin 2.17 and earlier bundled a version of the commons-httpclient library with the vulnerability CVE-2012-6153 that incorrectly verified SSL certificates, making it susceptible to man-in-the-middle attacks. Maven Plugin 3.0 no longer has a dependency on commons-httpclient.
Related
nvd
nvd
CVE-2017-1000397
2018-01-26 02:29:00
CVE-2017-1000402
2018-01-26 02:29:01
CVE-2012-6153
2014-09-04 17:55:04
osv
osv
CVE-2017-1000397
2018-01-26 02:29:00
Improper certificate validation in org.apache.httpcomponents:httpclient
2018-10-17 00:05:15
Jenkins Swarm Plugin Client vulnerable to man-in-the-middle attacks
2022-05-14 03:45:42
github
github
MitM on Jenkins Maven Plugin
2022-05-14 03:45:43
Improper Certificate Validation in Jenkins
2022-05-14 01:04:35
Improper certificate validation in org.apache.httpcomponents:httpclient
2018-10-17 00:05:15
cvelist
cvelist
CVE-2017-1000397
2018-01-26 02:00:00
CVE-2017-1000396
2018-01-26 02:00:00
CVE-2017-1000402
2018-01-26 02:00:00
cve
cve
CVE-2017-1000397
2018-01-26 02:29:00
CVE-2017-1000396
2018-01-26 02:29:00
CVE-2017-1000402
2018-01-26 02:29:01
prion
prion
Design/Logic Flaw
2018-01-26 02:29:00
Design/Logic Flaw
2018-01-26 02:29:00
Design/Logic Flaw
2018-01-26 02:29:00
redhat
redhat
nessus
nessus
RHEL 6 : devtoolset-2-httpcomponents-client (RHSA-2014:1098)
2014-11-08 00:00:00
RHEL 5 / 6 : JBoss EAP (RHSA-2014:1834)
2014-11-12 00:00:00
mageia
mageia
securityvulns
securityvulns
[ MDVSA-2014:170 ] jakarta-commons-httpclient
2014-10-15 00:00:00
ibm
ibm
openvas
openvas
CentOS Update for jakarta-commons-httpclient CESA-2014:1166 centos7
2014-09-10 00:00:00
RedHat Update for jakarta-commons-httpclient RHSA-2014:1166-01
2014-09-09 00:00:00
CentOS Update for jakarta-commons-httpclient CESA-2014:1166 centos6
2014-09-09 00:00:00
redhatcve
redhatcve
CVE-2017-1000396
2017-11-21 11:21:17
CVE-2017-1000402
2017-11-21 11:23:42
ubuntucve
ubuntucve
freebsd
freebsd
Axis2 -- Security vulnerabilities on dependency Apache HttpClient
2012-12-06 00:00:00
f5
f5
K15364328 : Apache vulnerabilities CVE-2012-5783 and CVE-2012-6153
2016-02-02 00:00:00
K15741 : Apache Commons HttpClient vulnerability CVE-2012-6153
2014-10-27 00:00:00
SOL15741 - Apache Commons HttpClient vulnerability CVE-2012-6153
2014-10-27 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: httpcomponents-client-4.2.5-4.fc20
2014-08-30 03:58:27
[SECURITY] Fedora 19 Update: httpcomponents-client-4.2.5-4.fc19
2014-08-30 03:57:30
[SECURITY] Fedora 19 Update: jakarta-commons-httpclient-3.1-15.fc19
2014-08-27 01:28:57
veracode
veracode
Man In The Middle (MitM) Attacks Are Possible With Spoofed SSL Servers
2019-01-15 08:59:46
debiancve
debiancve
CVE-2012-6153
2014-09-04 17:55:04
amazon
amazon
Important: jakarta-commons-httpclient
2014-09-17 21:47:00
debian
debian
[SECURITY] [DLA 222-1] commons-httpclient security update
2015-05-19 15:18:39
ubuntu
ubuntu
Apache Commons HttpClient vulnerabilities
2015-10-14 00:00:00