Description
Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.
Remediation
References
http://www.openwall.com/lists/oss-security/2020/09/16/3
https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813
Related Vulnerabilities
CVE-2016-4431 Vulnerability in maven package org.apache.struts:struts2-core
CVE-2015-8031 Vulnerability in maven package org.jvnet.hudson.main:hudson-core
CVE-2015-2913 Vulnerability in maven package com.orientechnologies:orientdb-server
CVE-2020-7676 Vulnerability in npm package angular
CVE-2017-5664 Vulnerability in maven package org.apache.tomcat:tomcat-catalina