Jenkins多插件安全漏洞公告(RCE/任意文件读取/XSS)
Security AdvisoryUnknownJenkins
Affected:
- LDAP plugin <= 807.v7d7de30930cf
- Active Directory plugin <= 2.41
- Email Extension plugin <= 1933.v45cec755423f
- Pipeline: Groovy Libraries plugin <= 797.v90ea_a_9b_e45a_0
- Credentials Binding plugin <= 720.v3f6decef43ea_
Fixed in:
- LDAP plugin >= 807.809.vd3a_4e5e4ec98
- Active Directory plugin >= 2.41.1
- Email Extension plugin >= 1933.1935.v276319e3cc47
- Pipeline: Groovy Libraries plugin >= 798.v5cc688825312
- Credentials Binding plugin >= 725.ve52b_2328a_fde
Referenced CVEs: CVE-2026-48916 CVE-2026-48917
文章内图片已隐藏以节省流量 · 升级 Pro 后可见图片及离线存档
本文由本平台从 www.jenkins.io 自动抓取,经 LLM 流水线清洗、双语翻译。版权归原作者。查看原文。