com.inflectra.spiratest.plugins:inflectra-spira-integration (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package com.inflectra.spiratest.plugins:inflectra-spira-integration, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2019-16558 — CVSS 8.2 (high): Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certificate validation for the Jenkins master JVM.
CVE-2019-16543 — CVSS 5.5 (medium): Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where…