Описание
Jenkins SmallTest Plugin missing hostname validation
Jenkins SmallTest Plugin 1.0.4 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections. There is currently no known workaround or fix for this issue.
Пакеты
Наименование
com.smalltest:smalltest
maven
Затронутые версииВерсия исправления
<= 1.0.4
Отсутствует
Связанные уязвимости
CVSS3: 8.1
nvd
больше 3 лет назад
Jenkins SmallTest Plugin 1.0.4 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections.