CVE-2023-30517 Information

Description

Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier unconditionally disables SSL/TLS certificate and hostname validation when connecting to a configured NeuVector Vulnerability Scanner server.

Reference

https://www.jenkins.io/security/advisory/2023-04-12/#SECURITY-2841