The Jenkins project takes security seriously. We make every possible effort to ensure users can adequately secure their automation infrastructure.
Missing: /url | Show results with:/url
This page lists all security advisories that have been published so far. This index is also available as an RSS feed. 2024. Jenkins Security Advisory 2024-04 ...
The "Enable Security" checkbox should always be enabled for any non-local (test) Jenkins environment. The "Security" section of the web UI allows a Jenkins ...
Jan 24, 2024 · This advisory announces vulnerabilities in the following Jenkins deliverables: Jenkins (core); Git server Plugin · GitLab Branch Source ...
Oct 25, 2023 · This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. GitHub Plugin 1.37.
Jenkins – an open source automation server which enables developers around the world to reliably build, test, and deploy their software.
Sep 6, 2023 · This advisory announces vulnerabilities in the following Jenkins deliverables: Assembla Auth Plugin · AWS CodeCommit Trigger Plugin ...
Jun 14, 2023 · As of publication of this advisory, we are aware of insufficiently escaped context menu URLs for label expressions, allowing attackers with Item ...
Mar 6, 2024 · This advisory announces vulnerabilities in the following Jenkins deliverables: AppSpider Plugin · Bitbucket Branch Source Plugin ...
This section aims to clarify the scope of issues handled by the Jenkins security team. When in doubt, we recommend you report issues to us as described above, ...