CVE-2019-10334

Summary

Jenkins ElectricFlow Plugin 1.1.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM when MultipartUtility.java is used to upload files.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins ElectricFlow Plugin1.1.5 and earlieraffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References