Multiple Jenkins plugins received updates today that fix several security vulnerabilities:
For an overview of what was fixed, see the security advisory.
Additionally, we also published a security notice for the following plugin and recommend that users disable and uninstall it:
This plugin is not part of the Pipeline suite of plugins, despite its name. It’s installed on just several hundred instances.
Subscribe to the jenkinsci-advisories mailing list to receive important notifications related to Jenkins security.