CVE-2015-7539
The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced
The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin.
HIGH · CVSS 7.5
EPSS 0.00768
Schedule remediation
- CVSS base score ≥ 7.0
Sigma rules0
YARA rules0