GHSA-hrr3-7r5v-vxx5, CVE-2018-1999035
maven/com.inedo.buildmaster/inedo-buildmaster
Improper Certificate Validation
A man in the middle vulnerability exists in Jenkins Inedo BuildMaster Plugin 1.3 and earlier in BuildMasterConfiguration.java, BuildMasterConfig.java, BuildMasterApi.java that allows attackers to impersonate any service that Jenkins connects to.
All versions up to 1.3
Upgrade to version 2.0 or above.
2024-01-31
source |