Dingtalk
1 CVEs
product
Monthly
Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable. No vendor patch available.
Information Disclosure
Jenkins
Dingtalk
NVD
CVSS 3.1
5.9
EPSS
0.2%
CVE-2025-47888
EPSS 0%
CVSS 5.9
MEDIUM
This Month
Jenkins DingTalk Plugin 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable. No vendor patch available.
Information Disclosure
Jenkins
Dingtalk
NVD