The Jenkins project takes security seriously. We make every possible effort to ensure users can adequately secure their automation infrastructure.
Missing: /url | Show results with:/url
This page lists all security advisories that have been published so far. This index is also available as an RSS feed. 2024. Jenkins Security Advisory 2024-04 ...
The "Enable Security" checkbox should always be enabled for any non-local (test) Jenkins environment. The "Security" section of the web UI allows a Jenkins ...
Jan 24, 2024 · This advisory announces vulnerabilities in the following Jenkins deliverables: Jenkins (core); Git server Plugin · GitLab Branch Source ...
Jenkins – an open source automation server which enables developers around the world to reliably build, test, and deploy their software.
Oct 25, 2023 · This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. GitHub Plugin 1.37.
Sep 6, 2023 · This advisory announces vulnerabilities in the following Jenkins deliverables: Assembla Auth Plugin · AWS CodeCommit Trigger Plugin ...
Jun 14, 2023 · As of publication of this advisory, we are aware of insufficiently escaped context menu URLs for label expressions, allowing attackers with Item ...
Mar 6, 2024 · This advisory announces vulnerabilities in the following Jenkins deliverables: AppSpider Plugin · Bitbucket Branch Source Plugin ...
Jul 12, 2023 · This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained ...