Jenkins Security Advisory: Multiple Plugin Vulnerabilities (XXE/CSRF/XSS/Creds)
Security AdvisorySECURITY-2019-12-17HighJenkins
Affected:
- Maven Release Plugin
- Gerrit Trigger Plugin
- Build Failure Analyzer Plugin
- Pipeline Aggregator View Plugin
- Rundeck Plugin
Fixed in:
- Build Failure Analyzer Plugin: 1.24.2
- Gerrit Trigger Plugin: 2.30.2
- Maven Release Plugin: 0.16.2
- Pipeline Aggregator View Plugin: 1.9
- Redgate SQL Change Automation Plugin: 2.0.4
参照 CVE: CVE-2019-16556
文章内图片已隐藏以节省流量 · 升级 Pro 后可见图片及离线存档
本文由本平台从 jenkins.io 自动抓取,经 LLM 流水线清洗、双语翻译。版权归原作者。查看原文。