2 matches found
CVE-2019-10334
Jenkins ElectricFlow Plugin 1.1.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM when MultipartUtility.java is used to upload files...
CVE-2019-10334
CVE-2019-10334 affects Jenkins ElectricFlow Plugin versions 1.1.5 and earlier. The vulnerability arises because MultipartUtility.java uploads can cause the plugin to disable SSL/TLS and hostname verification globally for the Jenkins master JVM, exposing connections to untrusted servers. Impact is...