-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AIMiggo AIRoot Cause AnalysisThe reasoning is based on understanding the nature of the vulnerability (CWE-295) and the typical code patterns involved in disabling SSL/TLS certificate validation in Java applications. The exact function name is hypothesized based on common practices in Jenkins plugin development and the description of the vulnerability.
JavaJava| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:koji | maven | <= 0.3 |
Ongoing coverage of React2Shell