CVE-2022-41243

Improper Validation of Certificate with Host Mismatch in maven/com.smalltest/smalltest

Identifiers

GHSA-7jwg-hq85-c6m6, CVE-2022-41243

Package Slug

maven/com.smalltest/smalltest

Vulnerability

Improper Validation of Certificate with Host Mismatch

Description

Jenkins SmallTest Plugin 1.0.4 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections.

Affected Versions

All versions up to 1.0.4

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-09-27

source