Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/16 9:20 p.m.28 views

CVE-2025-47888

Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks...

5.9CVSS6.8AI score0.00199EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/05/14 9:31 p.m.7 views

Jenkins DingTalk Plugin Unconditionally Disables SSL/TLS Certificate and Hostname Validation

Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks...

5.9CVSS6.7AI score0.00199EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/05/14 9:31 p.m.4 views

GHSA-CP9R-G575-XC5F Jenkins DingTalk Plugin Unconditionally Disables SSL/TLS Certificate and Hostname Validation

Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks...

5.9CVSS6.7AI score0.00199EPSS
Exploits0References3
NVD
NVD
added 2025/05/14 9:15 p.m.14 views

CVE-2025-47888

Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks...

5.9CVSS0.00199EPSS
Exploits0References1
OSV
OSV
added 2025/05/14 9:15 p.m.5 views

CVE-2025-47888

Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks...

5.9CVSS6.1AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/14 8:35 p.m.7 views

CVE-2025-47888

Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks...

6.8AI score0.00199EPSS
Exploits0References1
CVE
CVE
added 2025/05/14 8:35 p.m.55 views

CVE-2025-47888

CVE-2025-47888 affects the Jenkins DingTalk Plugin (versions 2.7.3 and earlier). The vulnerability stems from the plugin unconditionally disabling SSL/TLS certificate and hostname validation when connecting to DingTalk webhooks, enabling potential exposure to MITM attacks and compromising confide...

5.9CVSS7AI score0.00199EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/14 8:35 p.m.19 views

CVE-2025-47888

Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks...

0.00199EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/14 12:0 a.m.6 views

PT-2025-21241 · Jenkins · Jenkins Dingtalk Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins DingTalk Plugin versions 2.7.3 and earlier Description: The issue concerns the unconditional disabling of SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks. This affects the security of th...

5.9CVSS6.2AI score0.00199EPSS
Exploits0References10
Rows per page
Query Builder