Lucene search

K
osvGoogleOSV:GHSA-PJ45-8VHC-MH2F
HistoryMay 14, 2022 - 3:45 a.m.

Jenkins Swarm Plugin Client vulnerable to man-in-the-middle attacks

2022-05-1403:45:42
Google
osv.dev
13

0.001 Low

EPSS

Percentile

51.2%

Jenkins Swarm Plugin Client 3.4 and earlier bundled a version of the commons-httpclient library with the vulnerability CVE-2012-6153 that incorrectly verified SSL certificates, making it susceptible to man-in-the-middle attacks.