← All advisories

Moderate severityNVD Advisory· Published Apr 30, 2019· Updated Aug 4, 2024

CVE-2019-10317

CVE-2019-10317

Description

Jenkins SiteMonitor Plugin 0.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
org.jvnet.hudson.plugins:sitemonitorMaven	< 0.6	0.6

Affected products

2

ghsa-coords
pkg:maven/org.jvnet.hudson.plugins/sitemonitor
Range: < 0.6
Jenkins Project/Jenkins Monitor Remote Job Plugincpe-rescue
Range: 0.5 and earlier

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

github.com/advisories/GHSA-23c2-w636-5rhmghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2019-10317ghsaADVISORY
www.openwall.com/lists/oss-security/2019/04/30/5ghsamailing-listx_refsource_MLISTWEB
www.securityfocus.com/bid/108159mitrevdb-entryx_refsource_BID
jenkins.io/security/advisory/2019-04-30/ghsax_refsource_CONFIRMWEB
web.archive.org/web/20200227073756/http://www.securityfocus.com/bid/108159ghsaWEB

News mentions

0

No linked articles in our index yet.