Описание
Jenkins Swarm Plugin Client vulnerable to man-in-the-middle attacks
Jenkins Swarm Plugin Client 3.4 and earlier bundled a version of the commons-httpclient library with the vulnerability CVE-2012-6153 that incorrectly verified SSL certificates, making it susceptible to man-in-the-middle attacks.
Пакеты
org.jenkins-ci.plugins:swarm-client
<= 3.4
3.5
org.jvnet.hudson.plugins:swarm-plugin
<= 1.5
Отсутствует
Связанные уязвимости
Jenkins Swarm Plugin Client 3.4 and earlier bundled a version of the commons-httpclient library with the vulnerability CVE-2012-6153 that incorrectly verified SSL certificates, making it susceptible to man-in-the-middle attacks.
Jenkins Swarm Plugin Client 3.4 and earlier bundled a version of the commons-httpclient library with the vulnerability CVE-2012-6153 that incorrectly verified SSL certificates, making it susceptible to man-in-the-middle attacks.