Jenkins
Blog
Documentation
Use Jenkins
Extend Jenkins
Use-cases
- Android
- C/C++
- Docker
- Embedded
- GitHub
- Java
- PHP
- Continuous Delivery
- Python
- Ruby
Plugins
Community
Overview
Chat
Meet
Events
Issue Tracker
Mailing Lists
Wiki
Account Management
Special Interest Groups
- Advocacy and Outreach
- Chinese Localization
- Cloud Native
- Google Summer of Code
- Hardware and EDA
- Pipeline Authoring
- Platform
Sub-projects
Overview
Blue Ocean
Evergreen
Google Summer of Code in Jenkins
Infrastructure
Jenkins Area Meetups
Jenkins Configuration as Code
Jenkins X
Jenkins Remoting
About
Security
Press
Awards
Conduct
Artwork
English
中文 Chinese
Download
Security Advisories
This page lists all security advisories that have been published so far.
2019
Jenkins Security Advisory 2019-01-28
Affects Plugins:
Active Directory
Blue Ocean
Config File Provider
Git
GitHub Authentication
Groovy
Job Import
Kanboard
Monitoring
OpenId Connect Authentication
Script Security
Token Macro
Warnings
Warnings Next Generation
Jenkins Security Advisory 2019-01-16
Affects Jenkins Core
Jenkins Security Advisory 2019-01-08
Affects Plugins:
Pipeline: Declarative
Pipeline: Groovy
Script Security
2018
Jenkins Security Advisory 2018-12-05
Affects Jenkins Core
Jenkins Security Advisory 2018-10-29
Affects Plugins:
Pipeline: Groovy
Script Security
Jenkins Security Advisory 2018-10-10
Affects Jenkins Core
Jenkins Security Advisory 2018-09-25
Affects Plugins:
Arachni Scanner
Argus Notifier
Artifactory
Chatter Notifier
Config File Provider
Crowd 2 Integration
Dimensions
Email Extension Template
Git Changelog
HipChat
JIRA
Job Configuration History
JUnit
mesos
Metadata
Monitoring
MQ Notifier
PAM Authentication
Publish Over Dropbox
Rebuilder
SonarQube Scanner
Jenkins Security Advisory 2018-08-15
Affects Jenkins Core
Jenkins Security Advisory 2018-07-30
Affects Plugins:
AccuRev
Agiletestware Pangolin Connector for TestRail
Anchore Container Image Scanner
Confluence Publisher
Inedo BuildMaster Plugin
Inedo ProGet Plugin
Kubernetes
Maven Artifact ChoiceListProvider (Nexus)
meliora-testlab
Publish Over CIFS
Resource Disposer
SaltStack
Shelve Project
SSH Agent
Tinfoil Security
TraceTronic ECU-TEST
Jenkins Security Advisory 2018-07-18
Affects Jenkins Core
Jenkins Security Advisory 2018-06-25
Affects Plugins:
AWS CodeBuild
AWS CodeDeploy
AWS CodePipeline
Badge
CollabNet Plugins
Configuration as Code
Fortify CloudScan
GitHub
IBM z/OS Connector
OpenStack Cloud
SAML
SSH Credentials
URLTrigger
Jenkins Security Advisory 2018-06-04
Affects Plugins:
AbsInt Astrée
Black Duck Detect
Black Duck Hub
CAS
Git
GitHub
GitHub Branch Source
GitHub Pull Request Builder
Kubernetes
Jenkins Security Advisory 2018-05-09
Affects Jenkins Core
Affects Plugins:
Black Duck Hub
Gitlab Hook
Groovy Postbuild
Jenkins Security Advisory 2018-04-16
Affects Plugins:
Email Extension
Google Login
HTML Publisher
S3 publisher
Jenkins Security Advisory 2018-04-11
Affects Jenkins Core
Jenkins Security Advisory 2018-03-26
Affects Plugins:
Ansible
Copy To Slave
Cucumber Living Documentation
GitHub Pull Request Builder
Liquibase Runner
Mailer
Perforce
Reverse Proxy Auth
vSphere
Jenkins Security Advisory 2018-02-26
Affects Plugins:
Azure Slave
Coverity
CppNCSS
Environment Injector
Gerrit Trigger
Git
Google Play Android Publisher
Job and Node ownership
Mercurial
promoted builds
Subversion
TestLink
Jenkins Security Advisory 2018-02-14
Affects Jenkins Core
Jenkins Security Advisory 2018-02-05
Affects Plugins:
Android Lint
CCM
Credentials Binding
JUnit
Pipeline: Supporting APIs
Jenkins Security Advisory 2018-01-22
Affects Plugins:
Ant
Checkstyle
DRY
FindBugs
Pipeline: Nodes and Processes
PMD
Release
Translation Assistance
Warnings
2017
Jenkins Security Advisory 2017-12-14 (core)
Jenkins Security Advisory 2017-12-11 (plugin)
Jenkins Security Advisory 2017-12-06 (plugin)
Jenkins Security Advisory 2017-12-05 (core and plugins)
Jenkins Security Advisory 2017-11-16 (plugin)
Jenkins Security Advisory 2017-11-08 (core)
Jenkins Security Advisory 2017-10-23 (plugins)
Jenkins Security Advisory 2017-10-11 (core and plugins)
Jenkins Security Advisory 2017-09-27 (core)
Jenkins Security Advisory 2017-08-08 (plugin)
Jenkins Security Advisory 2017-08-07 (plugins)
Jenkins Security Advisory 2017-07-10 (plugins)
Jenkins Security Advisory 2017-06-06 (plugin)
Jenkins Security Advisory 2017-04-27 (plugin)
Jenkins Security Advisory 2017-04-26 (core)
Jenkins Security Advisory 2017-04-10 (plugins)
Jenkins Security Advisory 2017-03-20 (plugins)
Jenkins Security Advisory 2017-03-09 (plugin)
Jenkins Security Advisory 2017-03-07 (plugin)
Jenkins Security Advisory 2017-02-01 (core)
2016
Jenkins Security Advisory 2016-11-16 (core)
Jenkins Security Advisory 2016-07-27 (plugin)
Jenkins Security Advisory 2016-06-20 (plugins)
Jenkins Security Advisory 2016-05-11 (core)
Jenkins Security Advisory 2016-04-11 (plugins)
Jenkins Security Advisory 2016-02-24 (core)
2015
Jenkins Security Advisory 2015-12-09 (core)
Jenkins Security Advisory 2015-11-11 (core)
Jenkins Security Advisory 2015-10-12 (plugin)
Jenkins Security Advisory 2015-10-01 (other)
Jenkins Security Advisory 2015-03-23 (core)
Jenkins Security Advisory 2015-02-27 (core and plugins)
2014
Jenkins Security Advisory 2014-10-30 (core)
Jenkins Security Advisory 2014-10-15 (other)
Jenkins Security Advisory 2014-10-01 (core and plugin)
Jenkins Security Advisory 2014-02-14 (core)
2013
Jenkins Security Advisory 2013-11-20 (plugins)
Jenkins Security Advisory 2013-05-02 (core)
Jenkins Security Advisory 2013-02-16 (core)
Jenkins Security Advisory 2013-01-04 (core)
2012
Jenkins Security Advisory 2012-11-20 (core)
Jenkins Security Advisory 2012-09-17 (core and plugins)
Jenkins Security Advisory 2012-03-05 (core)
Jenkins Security Advisory 2012-01-24 (plugin)
Jenkins Security Advisory 2012-01-12 (core)
2011
Jenkins Security Advisory 2011-11-08 (core)
Jenkins Security Advisory 2011-10-28 (plugin)
Jenkins Security Advisory 2011-10-20 (plugin)
2010
Hudson Security Advisory 2010-07-05 (core)