Page MenuHomePhabricator

Jenkins plugins security advisory 2024-03-06
Closed, ResolvedPublic


The following Jenkins plugin updates contain fixes for security vulnerabilities:

  • AppSpider Plugin 1.0.17
  • Bitbucket Branch Source Plugin 871.v28d74e8b_4226
  • Delphix Plugin 3.0.2 and 3.1.1
  • HTML Publisher Plugin 1.32.1
  • MQ Notifier Plugin 1.4.1
  • OWASP Dependency-Check Plugin 5.4.6
  • Trilead API Plugin 2.141.v284120fd0c46

Additionally, we announce unresolved security issues in the following plugins:

  • Build Monitor View Plugin
  • docker-build-step Plugin
  • GitBucket Plugin
  • iceScrum Plugin
  • Subversion Partial Release Manager Plugin

Please see the advisory for more information:


TitleReferenceAuthorSource BranchDest Branch
jenkins-rel: updating plugin versions to address vulnerabilitiesrepos/releng/jenkins-deploy!49jnucheT359415master
Customize query in GitLab

Event Timeline

I've updated the releases instance.

I'll do the CI instance as soon as I can find the time.

jnuche claimed this task.

Both instances have now been updated.