Jenkins多插件安全公告:含Sandbox绕过RCE及CSRF漏洞
Security AdvisorySA-CORE-2019-001HighJenkins
Affected:
- Jenkins Weekly 2.176.3 or earlier
- Jenkins LTS 2.176.2 or earlier
- IBM AppScan Plugin 1.2.4 or earlier
- Splunk Plugin 1.7.4 or earlier
Fixed in:
- Jenkins Weekly 2.192
- Jenkins LTS 2.176.3
- IBM AppScan Plugin 1.2.5
- Splunk Plugin 1.8.0
Referenced CVEs: CVE-2019-10391
文章内图片已隐藏以节省流量 · 升级 Pro 后可见图片及离线存档
本文由本平台从 jenkins.io 自动抓取,经 LLM 流水线清洗、双语翻译。版权归原作者。查看原文。