Detections
Analytics
CVE-2025-47888
medium
Description
Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks.
References
https://www.jenkins.io/security/advisory/2025-05-14/#SECURITY-3353