Description
Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.
Remediation
References
https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813
http://www.openwall.com/lists/oss-security/2020/09/16/3
Related Vulnerabilities
CVE-2023-32070 Vulnerability in maven package org.xwiki.rendering:xwiki-rendering-macro-html
CVE-2022-46751 Vulnerability in maven package org.apache.ivy:ivy
CVE-2023-37582 Vulnerability in maven package org.apache.rocketmq:rocketmq-namesrv
CVE-2022-23307 Vulnerability in maven package org.apache.logging.log4j:log4j