The Jenkins project takes security seriously. We make every possible effort to ensure users can adequately secure their automation infrastructure.
Missing: /url | Show results with:/url
This page lists all security advisories that have been published so far. This index is also available as an RSS feed. 2024. Jenkins Security Advisory 2024-05 ...
The "Enable Security" checkbox should always be enabled for any non-local (test) Jenkins environment. The "Security" section of the web UI allows a Jenkins ...
Jenkins – an open source automation server which enables developers around the world to reliably build, test, and deploy their software.
Jan 24, 2024 · This advisory announces vulnerabilities in the following Jenkins deliverables: Jenkins (core); Git server Plugin · GitLab Branch Source ...
This section aims to clarify the scope of issues handled by the Jenkins security team. When in doubt, we recommend you report issues to us as described above, ...
May 2, 2024 · Description: Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are ...
Apr 25, 2024 · I setup Jenkins Version 2.455 on Oracle Linux 8. I installed some plugins. I seem to have problem with Durable Task plugin.
Oct 25, 2023 · This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. GitHub Plugin 1.37.
Jun 14, 2023 · As of publication of this advisory, we are aware of insufficiently escaped context menu URLs for label expressions, allowing attackers with Item ...