CVE-2022-45391

Improper Certificate Validation in maven/io.jenkins.plugins/cavisson-ns-nd-integration

Identifiers

GHSA-3vwm-fc87-mq6h, CVE-2022-45391

Package Slug

maven/io.jenkins.plugins/cavisson-ns-nd-integration

Vulnerability

Improper Certificate Validation

Description

Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and earlier globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM.

Affected Versions

All versions before 4.8.0.143

Solution

Upgrade to version 4.8.0.143 or above.

Last Modified

2022-11-22

source