Viktor is a security consultant and the 2019 Jenkins Security MVP.
This is a speaker blog post for a DevOps World | Jenkins World 2019 talk in Lisbon, Portugal and has been posted in line with NCC Group responsible disclosure policy.
Related Jenkins security advisories:
Some of the vulnerabilities have been announced without a fix, see Jenkins Security Spring Cleaning 2019.
The most of the announced vulnerabilities are fixed at the moment of this blogpost publishing.
Come join us...
Meet us at FOSDEM!
There will be a Jenkins stand on Feb 01-02, CI/CD devroom on Feb 02, Jenkins Contributor Summit on Jan 30 and Jenkins / Jenkins X trainings on Jan 30.