Описание
Jenkins NS-ND Integration Performance Publisher Plugin disables SSL/TLS certificate validation globally and unconditionally
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and earlier globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM.
NS-ND Integration Performance Publisher Plugin 4.8.0.146 no longer disables SSL/TLS certificate and hostname validation globally.
Пакеты
Наименование
io.jenkins.plugins:cavisson-ns-nd-integration
maven
Затронутые версииВерсия исправления
< 4.8.0.146
4.8.0.146
Связанные уязвимости
CVSS3: 7.5
nvd
около 3 лет назад
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and earlier globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM.