Lucene search

K
cvelistJenkinsCVELIST:CVE-2023-30516
HistoryApr 12, 2023 - 5:05 p.m.

CVE-2023-30516

2023-04-1217:05:07
jenkins
www.cve.org
cve-2023-30516
jenkins
docker
ssl/tls
certificate
validation
job configurations

0.001 Low

EPSS

Percentile

32.2%

Jenkins Image Tag Parameter Plugin 2.0 improperly introduces an option to opt out of SSL/TLS certificate validation when connecting to Docker registries, resulting in job configurations using Image Tag Parameters that were created before 2.0 having SSL/TLS certificate validation disabled by default.

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "product": "Jenkins Image Tag Parameter Plugin",
    "vendor": "Jenkins Project",
    "versions": [
      {
        "lessThanOrEqual": "2.0",
        "status": "affected",
        "version": "0",
        "versionType": "maven"
      }
    ]
  }
]

0.001 Low

EPSS

Percentile

32.2%

Related for CVELIST:CVE-2023-30516