Jenkins Bumblebee HP ALM Plugin unconditionally disabled SSL/TLS certificate validation

2022-05-2416:58:49

Google

osv.dev

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.0%

JSON

Jenkins Bumblebee HP ALM Plugin unconditionally disabled SSL/TLS certificate validation for connections to the HP ALM service.

Bumblebee HP ALM Plugin no longer does that. Instead, it now allows users to opt out of certificate validation.

CPENameOperatorVersion
org.jenkins-ci.plugins:bumblebeeeq3.0.0
org.jenkins-ci.plugins:bumblebeeeq4.0.6
org.jenkins-ci.plugins:bumblebeeeq4.0.1
org.jenkins-ci.plugins:bumblebeeeq4.0.3
org.jenkins-ci.plugins:bumblebeeeq4.0.7
org.jenkins-ci.plugins:bumblebeeeq4.1.0
org.jenkins-ci.plugins:bumblebeeeq4.0.9
org.jenkins-ci.plugins:bumblebeeeq4.0.0
org.jenkins-ci.plugins:bumblebeeeq3.0.3
org.jenkins-ci.plugins:bumblebeeeq3.0.2

Name	Operator	Version
org.jenkins-ci.plugins:bumblebee	eq	3.0.0
org.jenkins-ci.plugins:bumblebee	eq	4.0.6
org.jenkins-ci.plugins:bumblebee	eq	4.0.1
org.jenkins-ci.plugins:bumblebee	eq	4.0.3
org.jenkins-ci.plugins:bumblebee	eq	4.0.7
org.jenkins-ci.plugins:bumblebee	eq	4.1.0
org.jenkins-ci.plugins:bumblebee	eq	4.0.9
org.jenkins-ci.plugins:bumblebee	eq	4.0.0
org.jenkins-ci.plugins:bumblebee	eq	3.0.3
org.jenkins-ci.plugins:bumblebee	eq	3.0.2