Описание
Jenkins Koji Plugin globally and unconditionally disables SSL/TLS certificate validation
Jenkins Koji Plugin unconditionally disables SSL/TLS certificate validation for the entire Jenkins controller JVM.
As of publication of this advisory, there is no fix.
Пакеты
Наименование
org.jenkins-ci.plugins:koji
maven
Затронутые версииВерсия исправления
<= 0.3
Отсутствует
Связанные уязвимости
CVSS3: 5.9
nvd
почти 7 лет назад
Jenkins Koji Plugin disables SSL/TLS and hostname verification globally for the Jenkins master JVM.