Security Advisories

This page lists all security advisories that have been published so far.

2019

Jenkins Security Advisory 2019-07-17
- Affects Jenkins Core
Jenkins Security Advisory 2019-07-11
- Affects Plugins: Caliper CI Dependency Graph Viewer Docker Embeddable Build Status Gogs Mashup Portlets Port Allocator
Jenkins Security Advisory 2019-06-11
- Affects Plugins: CloudBees Flow JX Resources Token Macro
Jenkins Security Advisory 2019-05-31
- Affects Plugins: Artifactory Gitea InfluxDB Pipeline Maven Integration Pipeline Remote Loader Warnings Next Generation
Jenkins Security Advisory 2019-05-21
- Affects Plugins: Credentials PAM Authentication
Jenkins Security Advisory 2019-04-30
- Affects Plugins: Ansible Tower Aqua MicroScanner Azure AD GitHub Authentication Koji Self-Organizing Swarm Plug-in Modules SiteMonitor Static Analysis Utilities Twitter
Jenkins Security Advisory 2019-04-17
- Affects Plugins: Azure PublisherSettings Credentials GitLab jira-ext ontrack Jenkins XebiaLabs XL Deploy
Jenkins Security Advisory 2019-04-10
- Affects Jenkins Core
Jenkins Security Advisory 2019-04-03
- Affects Plugins: Amazon SNS Build Notifier Aqua Security Scanner Assembla Auth Audit to Database AWS CloudWatch Logs Publisher AWS Elastic Beanstalk Publisher aws-device-farm Bitbucket Approve Bugzilla Chef Sinatra CloudCoreo DeployTime CloudShare Docker-Machine crittercism-dsym Crowd Integration DeployHub Diawi Upload Fabric Beta Publisher FTP publisher Gearman HockeyApp Hyper.sh Commons IRC Jabber Server jenkins-cloudformation-plugin jenkins-reviewbot Jira Issue Updater Klaros-Testmanagement Kmap Koji mabl Minio Storage Netsparker Cloud Scan Nomad OctopusDeploy Official OWASP ZAP Open STF openid OpenShift Deployer Perfecto Mobile Relution Enterprise Appstore Publisher Sametime Serena SRA Deploy SOASTA CloudTest StarTeam TestFairy Trac Publisher Upload to pgyer veracode-scanner VMware Lab Manager Slaves VMware vRealize Automation VS Team Services Continuous Deployment WebSphere Deployer WildFly Deployer youtrack-plugin Zephyr Enterprise Test Management
Jenkins Security Advisory 2019-03-25
- Affects Plugins: Arxan MAM Publisher Codebeamer Test Results Trend Updater ECS publisher Fortify on Demand Uploader Lockable Resources Pipeline: Groovy PRQA Script Security Slack Notification
Jenkins Security Advisory 2019-03-06
- Affects Plugins: AppDynamics Dashboard Azure VM Agents Bitbar Run-in-Cloud Email Extension Groovy Job DSL Matrix Project OSF Builder Suite For Salesforce Commerce Cloud :: Deploy Pipeline: Groovy Rabbit-MQ Publisher Repository Connector Script Security
Jenkins Security Advisory 2019-02-19
- Affects Plugins: Acunetix Arxan MAM Publisher Cloud Foundry CloudBees Flow JMS Messaging Mattermost Notification OctopusDeploy Script Security
Jenkins Security Advisory 2019-01-28
- Affects Plugins: Active Directory Blue Ocean Config File Provider Git GitHub Authentication Groovy Job Import Kanboard Monitoring OpenId Connect Authentication Script Security Token Macro Warnings Warnings Next Generation
Jenkins Security Advisory 2019-01-16
- Affects Jenkins Core
Jenkins Security Advisory 2019-01-08
- Affects Plugins: Pipeline: Declarative Pipeline: Groovy Script Security

2018

Jenkins Security Advisory 2018-12-05
- Affects Jenkins Core
Jenkins Security Advisory 2018-10-29
- Affects Plugins: Pipeline: Groovy Script Security
Jenkins Security Advisory 2018-10-10
- Affects Jenkins Core
Jenkins Security Advisory 2018-09-25
- Affects Plugins: Arachni Scanner Argus Notifier Artifactory Chatter Notifier Config File Provider Crowd 2 Integration Dimensions Email Extension Template Git Changelog HipChat JIRA Job Configuration History JUnit mesos Metadata Monitoring MQ Notifier PAM Authentication Publish Over Dropbox Rebuilder SonarQube Scanner
Jenkins Security Advisory 2018-08-15
- Affects Jenkins Core
Jenkins Security Advisory 2018-07-30
- Affects Plugins: AccuRev Agiletestware Pangolin Connector for TestRail Anchore Container Image Scanner Confluence Publisher Inedo BuildMaster Plugin Inedo ProGet Plugin Kubernetes Maven Artifact ChoiceListProvider (Nexus) meliora-testlab Publish Over CIFS Resource Disposer SaltStack Shelve Project SSH Agent Tinfoil Security TraceTronic ECU-TEST
Jenkins Security Advisory 2018-07-18
- Affects Jenkins Core
Jenkins Security Advisory 2018-06-25
- Affects Plugins: AWS CodeBuild AWS CodeDeploy AWS CodePipeline Badge CollabNet Plugins Configuration as Code Fortify CloudScan GitHub IBM z/OS Connector OpenStack Cloud SAML SSH Credentials URLTrigger
Jenkins Security Advisory 2018-06-04
- Affects Plugins: AbsInt Astrée blackduck-hub CAS Git GitHub GitHub Branch Source GitHub Pull Request Builder Kubernetes Synopsys Detect
Jenkins Security Advisory 2018-05-09
- Affects Jenkins Core
- Affects Plugins: blackduck-hub Gitlab Hook Groovy Postbuild
Jenkins Security Advisory 2018-04-16
- Affects Plugins: Email Extension Google Login HTML Publisher S3 publisher
Jenkins Security Advisory 2018-04-11
- Affects Jenkins Core
Jenkins Security Advisory 2018-03-26
- Affects Plugins: Ansible Copy To Slave Cucumber Living Documentation GitHub Pull Request Builder Liquibase Runner Mailer Perforce Reverse Proxy Auth vSphere
Jenkins Security Advisory 2018-02-26
- Affects Plugins: Azure Slave Coverity CppNCSS Environment Injector Gerrit Trigger Git Google Play Android Publisher Job and Node ownership Mercurial promoted builds Subversion TestLink
Jenkins Security Advisory 2018-02-14
- Affects Jenkins Core
Jenkins Security Advisory 2018-02-05
- Affects Plugins: Android Lint CCM Credentials Binding JUnit Pipeline: Supporting APIs
Jenkins Security Advisory 2018-01-22
- Affects Plugins: Ant Checkstyle DRY FindBugs Pipeline: Nodes and Processes PMD Release Translation Assistance Warnings

2017

2016

2015

2014

2013

2012

2011

2010

Hudson Security Advisory 2010-07-05 (core)