Security Advisories

2019

• Jenkins Security Advisory 2019-04-17
  
  • Affects Plugins: Azure PublisherSettings Credentials GitLab jira-ext ontrack Jenkins XebiaLabs XL Deploy
• Jenkins Security Advisory 2019-04-10
  
  • Affects Jenkins Core
• Jenkins Security Advisory 2019-04-03
  
  • Affects Plugins: Amazon SNS Build Notifier Aqua Security Scanner Assembla Auth Audit to Database AWS CloudWatch Logs Publisher AWS Elastic Beanstalk Publisher aws-device-farm Bitbucket Approve Bugzilla Chef Sinatra CloudCoreo DeployTime CloudShare Docker-Machine crittercism-dsym Crowd Integration DeployHub Diawi Upload Fabric Beta Publisher FTP publisher Gearman HockeyApp Hyper.sh Commons IRC Jabber Server jenkins-cloudformation-plugin jenkins-reviewbot Jira Issue Updater Klaros-Testmanagement Kmap Koji mabl Minio Storage Netsparker Cloud Scan Nomad OctopusDeploy Official OWASP ZAP Open STF openid OpenShift Deployer Perfecto Mobile Relution Enterprise Appstore Publisher Sametime Serena SRA Deploy SOASTA CloudTest StarTeam TestFairy Trac Publisher Upload to pgyer veracode-scanner VMware Lab Manager Slaves VMware vRealize Automation VS Team Services Continuous Deployment WebSphere Deployer WildFly Deployer youtrack-plugin Zephyr Enterprise Test Management
• Jenkins Security Advisory 2019-03-25
  
  • Affects Plugins: Arxan MAM Publisher Codebeamer Test Results Trend Updater ECS publisher Fortify on Demand Uploader Lockable Resources Pipeline: Groovy PRQA Script Security Slack Notification
• Jenkins Security Advisory 2019-03-06
  
  • Affects Plugins: AppDynamics Dashboard Azure VM Agents Bitbar Run-in-Cloud Email Extension Groovy Job DSL Matrix Project OSF Builder Suite For Salesforce Commerce Cloud :: Deploy Pipeline: Groovy Rabbit-MQ Publisher Repository Connector Script Security
• Jenkins Security Advisory 2019-02-19
  
  • Affects Plugins: Acunetix Arxan MAM Publisher Cloud Foundry ElectricFlow JMS Messaging Mattermost Notification OctopusDeploy Script Security
• Jenkins Security Advisory 2019-01-28
  
  • Affects Plugins: Active Directory Blue Ocean Config File Provider Git GitHub Authentication Groovy Job Import Kanboard Monitoring OpenId Connect Authentication Script Security Token Macro Warnings Warnings Next Generation
• Jenkins Security Advisory 2019-01-16
  
  • Affects Jenkins Core
• Jenkins Security Advisory 2019-01-08
  
  • Affects Plugins: Pipeline: Declarative Pipeline: Groovy Script Security

2018

• Jenkins Security Advisory 2018-12-05
  
  • Affects Jenkins Core
• Jenkins Security Advisory 2018-10-29
  
  • Affects Plugins: Pipeline: Groovy Script Security
• Jenkins Security Advisory 2018-10-10
  
  • Affects Jenkins Core
• Jenkins Security Advisory 2018-09-25
  
  • Affects Plugins: Arachni Scanner Argus Notifier Artifactory Chatter Notifier Config File Provider Crowd 2 Integration Dimensions Email Extension Template Git Changelog HipChat JIRA Job Configuration History JUnit mesos Metadata Monitoring MQ Notifier PAM Authentication Publish Over Dropbox Rebuilder SonarQube Scanner
• Jenkins Security Advisory 2018-08-15
  
  • Affects Jenkins Core
• Jenkins Security Advisory 2018-07-30
  
  • Affects Plugins: AccuRev Agiletestware Pangolin Connector for TestRail Anchore Container Image Scanner Confluence Publisher Inedo BuildMaster Plugin Inedo ProGet Plugin Kubernetes Maven Artifact ChoiceListProvider (Nexus) meliora-testlab Publish Over CIFS Resource Disposer SaltStack Shelve Project SSH Agent Tinfoil Security TraceTronic ECU-TEST
• Jenkins Security Advisory 2018-07-18
  
  • Affects Jenkins Core
• Jenkins Security Advisory 2018-06-25
  
  • Affects Plugins: AWS CodeBuild AWS CodeDeploy AWS CodePipeline Badge CollabNet Plugins Configuration as Code Fortify CloudScan GitHub IBM z/OS Connector OpenStack Cloud SAML SSH Credentials URLTrigger
• Jenkins Security Advisory 2018-06-04
  
  • Affects Plugins: AbsInt Astrée blackduck-hub CAS Git GitHub GitHub Branch Source GitHub Pull Request Builder Kubernetes Synopsys Detect
• Jenkins Security Advisory 2018-05-09
  
  • Affects Jenkins Core
  • Affects Plugins: blackduck-hub Gitlab Hook Groovy Postbuild
• Jenkins Security Advisory 2018-04-16
  
  • Affects Plugins: Email Extension Google Login HTML Publisher S3 publisher
• Jenkins Security Advisory 2018-04-11
  
  • Affects Jenkins Core
• Jenkins Security Advisory 2018-03-26
  
  • Affects Plugins: Ansible Copy To Slave Cucumber Living Documentation GitHub Pull Request Builder Liquibase Runner Mailer Perforce Reverse Proxy Auth vSphere
• Jenkins Security Advisory 2018-02-26
  
  • Affects Plugins: Azure Slave Coverity CppNCSS Environment Injector Gerrit Trigger Git Google Play Android Publisher Job and Node ownership Mercurial promoted builds Subversion TestLink
• Jenkins Security Advisory 2018-02-14
  
  • Affects Jenkins Core
• Jenkins Security Advisory 2018-02-05
  
  • Affects Plugins: Android Lint CCM Credentials Binding JUnit Pipeline: Supporting APIs
• Jenkins Security Advisory 2018-01-22
  
  • Affects Plugins: Ant Checkstyle DRY FindBugs Pipeline: Nodes and Processes PMD Release Translation Assistance Warnings

2017

• Jenkins Security Advisory 2017-12-14 (core)
• Jenkins Security Advisory 2017-12-11 (plugin)
• Jenkins Security Advisory 2017-12-06 (plugin)
• Jenkins Security Advisory 2017-12-05 (core and plugins)
• Jenkins Security Advisory 2017-11-16 (plugin)
• Jenkins Security Advisory 2017-11-08 (core)
• Jenkins Security Advisory 2017-10-23 (plugins)
• Jenkins Security Advisory 2017-10-11 (core and plugins)
• Jenkins Security Advisory 2017-09-27 (core)
• Jenkins Security Advisory 2017-08-08 (plugin)
• Jenkins Security Advisory 2017-08-07 (plugins)
• Jenkins Security Advisory 2017-07-10 (plugins)
• Jenkins Security Advisory 2017-06-06 (plugin)
• Jenkins Security Advisory 2017-04-27 (plugin)
• Jenkins Security Advisory 2017-04-26 (core)
• Jenkins Security Advisory 2017-04-10 (plugins)
• Jenkins Security Advisory 2017-03-20 (plugins)
• Jenkins Security Advisory 2017-03-09 (plugin)
• Jenkins Security Advisory 2017-03-07 (plugin)
• Jenkins Security Advisory 2017-02-01 (core)

2016

• Jenkins Security Advisory 2016-11-16 (core)
• Jenkins Security Advisory 2016-07-27 (plugin)
• Jenkins Security Advisory 2016-06-20 (plugins)
• Jenkins Security Advisory 2016-05-11 (core)
• Jenkins Security Advisory 2016-04-11 (plugins)
• Jenkins Security Advisory 2016-02-24 (core)

2015

• Jenkins Security Advisory 2015-12-09 (core)
• Jenkins Security Advisory 2015-11-11 (core)
• Jenkins Security Advisory 2015-10-12 (plugin)
• Jenkins Security Advisory 2015-10-01 (other)
• Jenkins Security Advisory 2015-03-23 (core)
• Jenkins Security Advisory 2015-02-27 (core and plugins)

2014

• Jenkins Security Advisory 2014-10-30 (core)
• Jenkins Security Advisory 2014-10-15 (other)
• Jenkins Security Advisory 2014-10-01 (core and plugin)
• Jenkins Security Advisory 2014-02-14 (core)

2013

• Jenkins Security Advisory 2013-11-20 (plugins)
• Jenkins Security Advisory 2013-05-02 (core)
• Jenkins Security Advisory 2013-02-16 (core)
• Jenkins Security Advisory 2013-01-04 (core)

2012

• Jenkins Security Advisory 2012-11-20 (core)
• Jenkins Security Advisory 2012-09-17 (core and plugins)
• Jenkins Security Advisory 2012-03-05 (core)
• Jenkins Security Advisory 2012-01-24 (plugin)
• Jenkins Security Advisory 2012-01-12 (core)

2011

• Jenkins Security Advisory 2011-11-08 (core)
• Jenkins Security Advisory 2011-10-28 (plugin)
• Jenkins Security Advisory 2011-10-20 (plugin)

2010

• Hudson Security Advisory 2010-07-05 (core)