High severityNVD Advisory· Published Oct 16, 2019· Updated Aug 4, 2024
CVE-2019-10446
CVE-2019-10446
Description
Jenkins Cadence vManager Plugin 2.7.0 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:vmanager-pluginMaven | < 2.7.1 | 2.7.1 |
Affected products
2- Range: 2.7.0 and earlier
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4- github.com/advisories/GHSA-5j9f-5wmp-7f8hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-10446ghsaADVISORY
- github.com/jenkinsci/vmanager-plugin/commit/639aa135ab57d9e23c5bedeb0a5e9518eb0f486eghsaWEB
- jenkins.io/security/advisory/2019-10-16/ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.