AVG-2448 log
Package | jenkins |
Status | Fixed |
Severity | Medium |
Type | certificate verification bypass |
Affected | 2.314-1 |
Fixed | 2.315-1 |
Current | 2.485-1 [extra] |
Ticket | None |
Created | Thu Oct 7 06:59:52 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2014-3577 | Medium | Yes | Certificate verification bypass | Jenkins 2.314 and earlier bundles a version of the commons-httpclient library with the vulnerability CVE-2014-3577 that incorrectly verified SSL/TLS... |