Jenkins Bumblebee Hp Alm — known CVE vulnerabilities
Every CVE whose affected-product data names Jenkins Bumblebee Hp Alm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2019-10444 — CVSS 6.5 (medium): Jenkins Bumblebee HP ALM Plugin 4.1.3 and earlier unconditionally disabled SSL/TLS and hostname verification for connections to HP ALM.
CVE-2021-21614 — CVSS 5.5 (medium): Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller…