Jenkins Security Advisory 2019-07-11. Affects Plugins: Caliper CI Dependency Graph Viewer Docker Embeddable Build Status Gogs mashup-portlets-plugin Port ...
Missing: /url | Show results with:/url
Changing the context path of Jenkins with a reverse proxy is fraught with danger. There are many URLs that must be rewritten. Even if you rewrite all the URLs ...
Missing: infra. | Show results with:infra.
Jan 20, 2022 · Hello,. I am using Jenkins 2.319.1 with nginx as reverse proxy. There is a message in Jenkins that “it appears that your reverse proxy set ...
Mar 31, 2022 · The Jenkins security team has confirmed that the Spring vulnerability is not affecting Jenkins Core. There is no impact because we are using ...
Missing: /url | Show results with:/url
Sep 4, 2021 · The Jenkins infrastructure team identified a successful attack against our deprecated Confluence service. This blog post describes our ...
Jenkins builds pull requests sent by untrusted users, or employ a security model that limits trust in users allowed to configure one or more jobs, this also ...
Missing: infra. | Show results with:infra.
Jun 22, 2022 · This results in a reflected cross-site scripting (XSS) vulnerability. Embeddable Build Status Plugin 2.0.4 limits URLs to http and https ...
Missing: infra. | Show results with:infra.
Oct 25, 2023 · ci.jenkins.io was impacted ... ci when accessing https://plugins.jenkins.io resulting in a 502 ... “Mirror Status” link from get.jenkins.io returns ...
Missing: /url affected/
While this isn't an issue as long as the machine you're running Jenkins on has direct Internet access, it can lead to all kind of (sometimes inconsistent) ...
Missing: status. infra.
We document all the issues in Jenkins on JIRA and plugin issues are on Github. If you are reporting an issue with the jenkins.io site, please create an issue in ...
Missing: status. | Show results with:status.