Lucene search
JenkinsCVELIST:CVE-2023-30516HistoryApr 12, 2023 - 5:05 p.m.
CVE-2023-30516
2023-04-1217:05:07
jenkins
www.cve.org
2
cve-2023-30516
jenkins
docker
ssl/tls
certificate
validation
job configurations
EPSS
0.001
Percentile
32.2%
Jenkins Image Tag Parameter Plugin 2.0 improperly introduces an option to opt out of SSL/TLS certificate validation when connecting to Docker registries, resulting in job configurations using Image Tag Parameters that were created before 2.0 having SSL/TLS certificate validation disabled by default.
CNA Affected
[
{
"defaultStatus": "unknown",
"product": "Jenkins Image Tag Parameter Plugin",
"vendor": "Jenkins Project",
"versions": [
{
"lessThanOrEqual": "2.0",
"status": "affected",
"version": "0",
"versionType": "maven"
}
]
}
]Related
github
github
cve
cve
CVE-2023-30516
2023-04-12 18:15:09
nvd
nvd
CVE-2023-30516
2023-04-12 18:15:09
osv
osv
prion
prion
Default credentials
2023-04-12 18:15:00
