Jenkins
What is CDF?
Jenkins X
Tekton
Spinnaker
Blog
Documentation
Use Jenkins
Extend Jenkins
Use-cases
- Android
- Bitbucket Server
- C/C++
- Docker
- Embedded
- GitHub
- Java
- PHP
- Continuous Delivery
- Python
- Ruby
Plugins
Community
Overview
Chat
Meet
Events
Issue Tracker
Mailing Lists
Wiki
Account Management
Special Interest Groups
- Advocacy and Outreach
- Chinese Localization
- Cloud Native
- Documentation
- Google Summer of Code
- Hardware and EDA
- Pipeline Authoring
- Platform
- User Experience
Subprojects
Overview
Blue Ocean
Evergreen
Google Summer of Code in Jenkins
Infrastructure
CI/CD and Jenkins Area Meetups
Jenkins Configuration as Code
Jenkins Remoting
About
Security
Press
Awards
Conduct
Artwork
English
中文 Chinese
Download
Security Advisories
This page lists all security advisories that have been published so far.
2020
Jenkins Security Advisory 2020-03-25
Affects Jenkins Core
Affects Plugins:
Artifactory
Azure Container Service
OpenShift Pipeline
Pipeline: AWS Steps
Queue cleanup
RapidDeploy
Jenkins Security Advisory 2020-03-09
Affects Plugins:
Audit Trail
Backlog
Cobertura
CryptoMove
DeployHub
Git
Literate
Logstash
Mac
OpenShift Deployer
P4
Quality Gates
Repository Connector
Rundeck
Script Security
Skytap Cloud CI
Sonar Quality Gates
Subversion Release Manager
Timestamper
Zephyr Enterprise Test Management
Zephyr for JIRA Test Management
Jenkins Security Advisory 2020-02-12
Affects Plugins:
Applatix
Azure AD
BMC Release Package and Deployment
Brakeman
Debian Package Builder
DigitalOcean
Dynamic Extended Choice Parameter
Eagle Tester
ECX Copy Data Management
FitNesse
Git Parameter
Google Kubernetes Engine
Harvest SCM
NUnit
Parasoft Environment Manager
Pipeline GitHub Notify Step
Pipeline: Groovy
RadarGun
S3 publisher
Script Security
Subversion
Jenkins Security Advisory 2020-01-29
Affects Jenkins Core
Affects Plugins:
Code Coverage API
Fortify
WebSphere Deployer
Jenkins Security Advisory 2020-01-15
Affects Plugins:
Amazon EC2
Gitlab Hook
Health Advisor by CloudBees
Redgate SQL Change Automation
Robot Framework
Sounds
2019
Jenkins Security Advisory 2019-12-17
Affects Plugins:
Alauda DevOps Pipeline
Alauda Kubernetes Suport
Build Failure Analyzer
buildgraph-view
Gerrit Trigger
Mantis
Maven Release Plug-in
Mission Control
Pipeline Aggregator View
RapidDeploy
Redgate SQL Change Automation
Rundeck
SCTMExecutor
Spira Importer
Team Concert
WebSphere Deployer
Weibo
Jenkins Security Advisory 2019-11-21
Affects Plugins:
Anchore Container Image Scanner
Google Compute Engine
Jira
QMetry for JIRA - Test Management
Script Security
Spira Importer
Support Core
Jenkins Security Advisory 2019-10-23
Affects Plugins:
360 FireLine
Bitbucket OAuth
build-metrics
Deploy WebLogic
Dynatrace Application Monitoring
ElasticBox Jenkins Kubernetes CI/CD
Global Post Script
Libvirt Slaves
Mattermost Notification
Sonar Gerrit
Zulip
Jenkins Security Advisory 2019-10-16
Affects Plugins:
Bumblebee HP ALM
Cadence vManager
CRX Content Package Deployer
Delphix
ElasticBox CI
Extensive Testing
Fortify on Demand
Google Kubernetes Engine
Google OAuth Credentials
iceScrum
NeoLoad
Oracle Cloud Infrastructure Compute Classic
Puppet Enterprise Pipeline
Rundeck
SOASTA CloudTest
Sofy.AI
View26 Test-Reporting
Jenkins Security Advisory 2019-10-01
Affects Plugins:
DingTalk
HTML Publisher
LDAP Email
Script Security
SourceGear Vault
Jenkins Security Advisory 2019-09-25
Affects Jenkins Core
Affects Plugins:
Aqua MicroScanner
Aqua Security Scanner
Assembla
Azure Event Grid Build Notifier
Call Remote Job
CodeScan
Data Theorem: CI/CD
elOyente
Gem Publisher
Git Changelog
GitLab Logo
Google Calendar
Inedo BuildMaster Plugin
Inedo ProGet Plugin
Kubernetes Pipeline - Arquillian Steps Kubernetes Pipeline - Kubernetes Steps
Log Parser
NeuVector Vulnerability Scanner
Project Inheritance
vFabric Application Director
Violation Comments to GitLab
Jenkins Security Advisory 2019-09-12
Affects Plugins:
Aqua Security Serverless Scanner
Beaker builder
Build Environment
Dashboard View
Git client
Script Security
Jenkins Security Advisory 2019-08-28
Affects Jenkins Core
Affects Plugins:
Deprecated: IBM AppScan
Splunk
Jenkins Security Advisory 2019-08-07
Affects Plugins:
Avatar
Build Pipeline
Codefresh Integration
Configuration as Code
eggPlant
File System SCM
Google Cloud Messaging Notification
Gitlab Authentication
JClouds
Mask Passwords
PegDown Formatter
Relution Enterprise Appstore Publisher
Simple Travis Pipeline Runner
TestLink
VMware Lab Manager Slaves
Wall Display Master Project
XL TestView
Jenkins Security Advisory 2019-07-31
Affects Plugins:
Amazon EC2
Configuration as Code
Google Kubernetes Engine
Maven Integration
Maven Release Plug-in
Pipeline: Shared Groovy Libraries
Script Security
Skytap Cloud CI
Jenkins Security Advisory 2019-07-17
Affects Jenkins Core
Jenkins Security Advisory 2019-07-11
Affects Plugins:
Caliper CI
Dependency Graph Viewer
Docker
Embeddable Build Status
Gogs
Mashup Portlets
Port Allocator
Jenkins Security Advisory 2019-06-11
Affects Plugins:
CloudBees Flow
JX Resources
Token Macro
Jenkins Security Advisory 2019-05-31
Affects Plugins:
Artifactory
Gitea
InfluxDB
Pipeline Maven Integration
Pipeline Remote Loader
Warnings Next Generation
Jenkins Security Advisory 2019-05-21
Affects Plugins:
Credentials
PAM Authentication
Jenkins Security Advisory 2019-04-30
Affects Plugins:
Ansible Tower
Aqua MicroScanner
Azure AD
GitHub Authentication
Koji
Self-Organizing Swarm Plug-in Modules
SiteMonitor
Static Analysis Utilities
Twitter
Jenkins Security Advisory 2019-04-17
Affects Plugins:
Azure PublisherSettings Credentials
GitLab
jira-ext
ontrack Jenkins
XebiaLabs XL Deploy
Jenkins Security Advisory 2019-04-10
Affects Jenkins Core
Jenkins Security Advisory 2019-04-03
Affects Plugins:
Amazon SNS Build Notifier
Aqua Security Scanner
Assembla Auth
Audit to Database
AWS CloudWatch Logs Publisher
AWS Elastic Beanstalk Publisher
aws-device-farm
Bitbucket Approve
Bugzilla
Chef Sinatra
CloudCoreo DeployTime
CloudShare Docker-Machine
crittercism-dsym
Crowd Integration
DeployHub
Diawi Upload
Fabric Beta Publisher
FTP publisher
Gearman
hockeyapp
Hyper.sh Commons
IRC
Jabber Server
jenkins-cloudformation-plugin
jenkins-reviewbot
Jira Issue Updater
Klaros-Testmanagement
Kmap
Koji
mabl
Minio Storage
Netsparker Cloud Scan
Nomad
Octopus Deploy
Official OWASP ZAP
Open STF
OpenID
OpenShift Deployer
Perfecto Mobile
Relution Enterprise Appstore Publisher
Sametime
Serena SRA Deploy
SOASTA CloudTest
StarTeam
TestFairy
Trac Publisher
Upload to pgyer
veracode-scanner
VMware Lab Manager Slaves
VMware vRealize Automation
VS Team Services Continuous Deployment
WebSphere Deployer
WildFly Deployer
youtrack-plugin
Zephyr Enterprise Test Management
Jenkins Security Advisory 2019-03-25
Affects Plugins:
Arxan MAM Publisher
Codebeamer Test Results Trend Updater
ECS publisher
Fortify on Demand
Lockable Resources
Pipeline: Groovy
PRQA
Script Security
Slack Notification
Jenkins Security Advisory 2019-03-06
Affects Plugins:
AppDynamics Dashboard
Azure VM Agents
Bitbar Run-in-Cloud
Email Extension
Groovy
Job DSL
Matrix Project
OSF Builder Suite For Salesforce Commerce Cloud :: Deploy
Pipeline: Groovy
Rabbit-MQ Publisher
Repository Connector
Script Security
Jenkins Security Advisory 2019-02-19
Affects Plugins:
Acunetix
Arxan MAM Publisher
Cloud Foundry
CloudBees Flow
JMS Messaging
Mattermost Notification
Octopus Deploy
Script Security
Jenkins Security Advisory 2019-01-28
Affects Plugins:
Active Directory
Blue Ocean
Config File Provider
Git
GitHub Authentication
Groovy
Job Import
Kanboard
Monitoring
OpenId Connect Authentication
Script Security
Token Macro
Warnings
Warnings Next Generation
Jenkins Security Advisory 2019-01-16
Affects Jenkins Core
Jenkins Security Advisory 2019-01-08
Affects Plugins:
Pipeline: Declarative
Pipeline: Groovy
Script Security
2018
Jenkins Security Advisory 2018-12-05
Affects Jenkins Core
Jenkins Security Advisory 2018-10-29
Affects Plugins:
Pipeline: Groovy
Script Security
Jenkins Security Advisory 2018-10-10
Affects Jenkins Core
Jenkins Security Advisory 2018-09-25
Affects Plugins:
Arachni Scanner
Argus Notifier
Artifactory
Chatter Notifier
Config File Provider
Crowd 2 Integration
Dimensions
Email Extension Template
Git Changelog
HipChat
Jira
Job Configuration History
JUnit
mesos
Metadata
Monitoring
MQ Notifier
PAM Authentication
Publish Over Dropbox
Rebuilder
SonarQube Scanner
Jenkins Security Advisory 2018-08-15
Affects Jenkins Core
Jenkins Security Advisory 2018-07-30
Affects Plugins:
AccuRev
Agiletestware Pangolin Connector for TestRail
Anchore Container Image Scanner
Confluence Publisher
Inedo BuildMaster Plugin
Inedo ProGet Plugin
Kubernetes
Maven Artifact ChoiceListProvider (Nexus)
meliora-testlab
Publish Over CIFS
Resource Disposer
SaltStack
Shelve Project
SSH Agent
Tinfoil Security
TraceTronic ECU-TEST
Jenkins Security Advisory 2018-07-18
Affects Jenkins Core
Jenkins Security Advisory 2018-06-25
Affects Plugins:
AWS CodeBuild
AWS CodeDeploy
AWS CodePipeline
Badge
CollabNet Plugins
Configuration as Code
Fortify CloudScan
GitHub
IBM z/OS Connector
OpenStack Cloud
SAML
SSH Credentials
URLTrigger
Jenkins Security Advisory 2018-06-04
Affects Plugins:
AbsInt Astrée
blackduck-detect
blackduck-hub
CAS
Git
GitHub
GitHub Branch Source
GitHub Pull Request Builder
Kubernetes
Jenkins Security Advisory 2018-05-09
Affects Jenkins Core
Affects Plugins:
blackduck-hub
Gitlab Hook
Groovy Postbuild
Jenkins Security Advisory 2018-04-16
Affects Plugins:
Email Extension
Google Login
HTML Publisher
S3 publisher
Jenkins Security Advisory 2018-04-11
Affects Jenkins Core
Jenkins Security Advisory 2018-03-26
Affects Plugins:
Ansible
Copy To Slave
Cucumber Living Documentation
GitHub Pull Request Builder
Liquibase Runner
Mailer
Perforce
Reverse Proxy Auth
vSphere
Jenkins Security Advisory 2018-02-26
Affects Plugins:
Azure Slave
Coverity
CppNCSS
Environment Injector
Gerrit Trigger
Git
Google Play Android Publisher
Job and Node ownership
Mercurial
promoted builds
Subversion
TestLink
Jenkins Security Advisory 2018-02-14
Affects Jenkins Core
Jenkins Security Advisory 2018-02-05
Affects Plugins:
Android Lint
CCM
Credentials Binding
JUnit
Pipeline: Supporting APIs
Jenkins Security Advisory 2018-01-22
Affects Plugins:
Ant
Checkstyle
DRY
FindBugs
Pipeline: Nodes and Processes
PMD
Release
Translation Assistance
Warnings
2017
Jenkins Security Advisory 2017-12-14 (core)
Jenkins Security Advisory 2017-12-11 (plugin)
Jenkins Security Advisory 2017-12-06 (plugin)
Jenkins Security Advisory 2017-12-05 (core and plugins)
Jenkins Security Advisory 2017-11-16 (plugin)
Jenkins Security Advisory 2017-11-08 (core)
Jenkins Security Advisory 2017-10-23 (plugins)
Jenkins Security Advisory 2017-10-11 (core and plugins)
Jenkins Security Advisory 2017-09-27 (core)
Jenkins Security Advisory 2017-08-08 (plugin)
Jenkins Security Advisory 2017-08-07 (plugins)
Jenkins Security Advisory 2017-07-10 (plugins)
Jenkins Security Advisory 2017-06-06 (plugin)
Jenkins Security Advisory 2017-04-27 (plugin)
Jenkins Security Advisory 2017-04-26 (core)
Jenkins Security Advisory 2017-04-10 (plugins)
Jenkins Security Advisory 2017-03-20 (plugins)
Jenkins Security Advisory 2017-03-09 (plugin)
Jenkins Security Advisory 2017-03-07 (plugin)
Jenkins Security Advisory 2017-02-01 (core)
2016
Jenkins Security Advisory 2016-11-16 (core)
Jenkins Security Advisory 2016-07-27 (plugin)
Jenkins Security Advisory 2016-06-20 (plugins)
Jenkins Security Advisory 2016-05-11 (core)
Jenkins Security Advisory 2016-04-11 (plugins)
Jenkins Security Advisory 2016-02-24 (core)
2015
Jenkins Security Advisory 2015-12-09 (core)
Jenkins Security Advisory 2015-11-11 (core)
Jenkins Security Advisory 2015-10-12 (plugin)
Jenkins Security Advisory 2015-10-01 (other)
Jenkins Security Advisory 2015-03-23 (core)
Jenkins Security Advisory 2015-02-27 (core and plugins)
2014
Jenkins Security Advisory 2014-10-30 (core)
Jenkins Security Advisory 2014-10-15 (other)
Jenkins Security Advisory 2014-10-01 (core and plugin)
Jenkins Security Advisory 2014-02-14 (core)
2013
Jenkins Security Advisory 2013-11-20 (plugins)
Jenkins Security Advisory 2013-05-02 (core)
Jenkins Security Advisory 2013-02-16 (core)
Jenkins Security Advisory 2013-01-04 (core)
2012
Jenkins Security Advisory 2012-11-20 (core)
Jenkins Security Advisory 2012-09-17 (core and plugins)
Jenkins Security Advisory 2012-03-05 (core)
Jenkins Security Advisory 2012-01-24 (plugin)
Jenkins Security Advisory 2012-01-12 (core)
2011
Jenkins Security Advisory 2011-11-08 (core)
Jenkins Security Advisory 2011-10-28 (plugin)
Jenkins Security Advisory 2011-10-20 (plugin)
2010
Hudson Security Advisory 2010-07-05 (core)