This page lists all security advisories that have been published so far. This index is also available as an RSS feed. 2024. Jenkins Security Advisory 2024-05 ...
Permission, which represents an activity that requires a security privilege. This is usually a verb, like "configure", "administer", "tag", etc.
Apr 12, 2023 · Descriptions · Improper masking of credentials in multiple plugins · Disabled SSL/TLS certificate validation for existing configurations in Image ...
Jan 12, 2022 · This allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through ...
May 2, 2024 · Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call is to be ...
Jun 22, 2022 · This results in a reflected cross-site scripting (XSS) vulnerability. Embeddable Build Status Plugin 2.0.4 limits URLs to http and https ...
May 16, 2023 · This advisory announces vulnerabilities in the following Jenkins deliverables: Ansible Plugin · AppSpider Plugin · Azure VM Agents Plugin ...
May 16, 2018 · One common pattern for automated releases I have seen and used relies on Git tags as the catalyst for a release process.
Missing: /url | Show results with:/url
Jul 26, 2023 · This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control build log contents. Jenkins 2.416, ...
Aug 16, 2023 · Fortify Plugin 22.2.39 removes HTML tags from the error message. Stored XSS vulnerability in Flaky Test Handler Plugin. SECURITY-3223 / CVE-2023 ...