Jenkins
Blog
Documentation
Use Jenkins
Extend Jenkins
Use-cases
- Android
- C/C++
- Docker
- Embedded
- GitHub
- Java
- PHP
- Continuous Delivery
- Python
- Ruby
Plugins
Community
Overview
Chat
Meet
Events
Issue Tracker
Mailing Lists
Wiki
Account Management
Special Interest Groups
- Chinese Localization
- Cloud Native
- Google Summer of Code
- Pipeline Authoring
- Platform
Sub-projects
Overview
Blue Ocean
Evergreen
Google Summer of Code in Jenkins
Infrastructure
Jenkins Area Meetups
Jenkins Configuration as Code
Jenkins X
Jenkins Remoting
About
Security
Press
Awards
Conduct
Artwork
Download
Security Advisories
This page lists all security advisories that have been published so far.
2018
Jenkins Security Advisory 2018-12-05
Affects Jenkins Core
Jenkins Security Advisory 2018-10-29
Affects Plugins:
Pipeline: Groovy
Script Security
Jenkins Security Advisory 2018-10-10
Affects Jenkins Core
Jenkins Security Advisory 2018-09-25
Affects Plugins:
Arachni Scanner
Argus Notifier
Artifactory
Chatter Notifier
Config File Provider
Crowd 2 Integration
Dimensions
Email Extension Template
Git Changelog
HipChat
JIRA
Job Configuration History
JUnit
mesos
Metadata
Monitoring
MQ Notifier
PAM Authentication
Publish Over Dropbox
Rebuilder
SonarQube Scanner
Jenkins Security Advisory 2018-08-15
Affects Jenkins Core
Jenkins Security Advisory 2018-07-30
Affects Plugins:
AccuRev
Agiletestware Pangolin Connector for TestRail
Anchore Container Image Scanner
Confluence Publisher
Inedo BuildMaster Plugin
Inedo ProGet Plugin
Kubernetes
Maven Artifact ChoiceListProvider (Nexus)
meliora-testlab
Publish Over CIFS
Resource Disposer
SaltStack
Shelve Project
SSH Agent
Tinfoil Security
TraceTronic ECU-TEST
Jenkins Security Advisory 2018-07-18
Affects Jenkins Core
Jenkins Security Advisory 2018-06-25
Affects Plugins:
AWS CodeBuild
AWS CodeDeploy
AWS CodePipeline
Badge
CollabNet Plugins
Configuration as Code
Fortify CloudScan
GitHub
IBM z/OS Connector
OpenStack Cloud
SAML
SSH Credentials
URLTrigger
Jenkins Security Advisory 2018-06-04
Affects Plugins:
AbsInt Astrée
Black Duck Detect
Black Duck Hub
CAS
Git
GitHub
GitHub Branch Source
GitHub Pull Request Builder
Kubernetes
Jenkins Security Advisory 2018-05-09
Affects Jenkins Core
Affects Plugins:
Black Duck Hub
Gitlab Hook
Groovy Postbuild
Jenkins Security Advisory 2018-04-16
Affects Plugins:
Email Extension
Google Login
HTML Publisher
S3 publisher
Jenkins Security Advisory 2018-04-11
Affects Jenkins Core
Jenkins Security Advisory 2018-03-26
Affects Plugins:
Ansible
Copy To Slave
Cucumber Living Documentation
GitHub Pull Request Builder
Liquibase Runner
Mailer
Perforce
Reverse Proxy Auth
vSphere
Jenkins Security Advisory 2018-02-26
Affects Plugins:
Azure Slave
Coverity
CppNCSS
Environment Injector
Gerrit Trigger
Git
Google Play Android Publisher
Job and Node ownership
Mercurial
promoted builds
Subversion
TestLink
Jenkins Security Advisory 2018-02-14
Affects Jenkins Core
Jenkins Security Advisory 2018-02-05
Affects Plugins:
Android Lint
CCM
Credentials Binding
JUnit
Pipeline: Supporting APIs
Jenkins Security Advisory 2018-01-22
Affects Plugins:
Ant
Checkstyle
DRY
FindBugs
Pipeline: Nodes and Processes
PMD
Release
Translation Assistance
Warnings
2017
Jenkins Security Advisory 2017-12-14 (core)
Jenkins Security Advisory 2017-12-11 (plugin)
Jenkins Security Advisory 2017-12-06 (plugin)
Jenkins Security Advisory 2017-12-05 (core and plugins)
Jenkins Security Advisory 2017-11-16 (plugin)
Jenkins Security Advisory 2017-11-08 (core)
Jenkins Security Advisory 2017-10-23 (plugins)
Jenkins Security Advisory 2017-10-11 (core and plugins)
Jenkins Security Advisory 2017-09-27 (core)
Jenkins Security Advisory 2017-08-08 (plugin)
Jenkins Security Advisory 2017-08-07 (plugins)
Jenkins Security Advisory 2017-07-10 (plugins)
Jenkins Security Advisory 2017-06-06 (plugin)
Jenkins Security Advisory 2017-04-27 (plugin)
Jenkins Security Advisory 2017-04-26 (core)
Jenkins Security Advisory 2017-04-10 (plugins)
Jenkins Security Advisory 2017-03-20 (plugins)
Jenkins Security Advisory 2017-03-09 (plugin)
Jenkins Security Advisory 2017-03-07 (plugin)
Jenkins Security Advisory 2017-02-01 (core)
2016
Jenkins Security Advisory 2016-11-16 (core)
Jenkins Security Advisory 2016-07-27 (plugin)
Jenkins Security Advisory 2016-06-20 (plugins)
Jenkins Security Advisory 2016-05-11 (core)
Jenkins Security Advisory 2016-04-11 (plugins)
Jenkins Security Advisory 2016-02-24 (core)
2015
Jenkins Security Advisory 2015-12-09 (core)
Jenkins Security Advisory 2015-11-11 (core)
Jenkins Security Advisory 2015-10-12 (plugin)
Jenkins Security Advisory 2015-10-01 (other)
Jenkins Security Advisory 2015-03-23 (core)
Jenkins Security Advisory 2015-02-27 (core and plugins)
2014
Jenkins Security Advisory 2014-10-30 (core)
Jenkins Security Advisory 2014-10-15 (other)
Jenkins Security Advisory 2014-10-01 (core and plugin)
Jenkins Security Advisory 2014-02-14 (core)
2013
Jenkins Security Advisory 2013-11-20 (plugins)
Jenkins Security Advisory 2013-05-02 (core)
Jenkins Security Advisory 2013-02-16 (core)
Jenkins Security Advisory 2013-01-04 (core)
2012
Jenkins Security Advisory 2012-11-20 (core)
Jenkins Security Advisory 2012-09-17 (core and plugins)
Jenkins Security Advisory 2012-03-05 (core)
Jenkins Security Advisory 2012-01-24 (plugin)
Jenkins Security Advisory 2012-01-12 (core)
2011
Jenkins Security Advisory 2011-11-08 (core)
Jenkins Security Advisory 2011-10-28 (plugin)
Jenkins Security Advisory 2011-10-20 (plugin)
2010
Hudson Security Advisory 2010-07-05 (core)