An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS0zdndtLWZjODctbXE2aM4AAv6W
SSL/TLS certificate validation globally and unconditionally disabled by Jenkins NS-ND Integration Performance Publisher Plugin
NS-ND Integration Performance Publisher Plugin 184.108.40.206 and earlier globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM.
NS-ND Integration Performance Publisher Plugin 220.127.116.11 no longer disables SSL/TLS certificate and hostname validation globally.Permalink: https://github.com/advisories/GHSA-3vwm-fc87-mq6h
Source: GitHub Advisory Database
Published: 7 months ago
Updated: 4 months ago
CVSS Score: 5.9
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
Identifiers: GHSA-3vwm-fc87-mq6h, CVE-2022-45391
maven:io.jenkins.plugins:cavisson-ns-nd-integrationVersions: < 18.104.22.168
Fixed in: 22.214.171.124