CVE-2023-35142
published 2023-06-14CVE-2023-35142: Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default.
high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | aws_codecommit_trigger_plugin | — | — |
| jenkins | checkmarx | <= 2023.4.3 | — |
| jenkins | checkmarx_plugin | — | — |
| jenkins | digital.ai_app_management_publisher_plugin | — | — |
| jenkins | dimensions_plugin | — | — |
| jenkins | jenkins_core | — | — |
| jenkins | jenkins_lts | — | — |
| jenkins | jenkins_weekly | — | — |
| jenkins | maven_repository_server_plugin | — | — |
| jenkins | sonargraph_integration_plugin | — | — |
| jenkins | team_concert_plugin | — | — |
| jenkins | template_workflows_plugin | — | — |
| jenkins_project | jenkins_checkmarx_plugin | <= 2022.4.3 | — |