Jenkins Updates
1949Warning Date
Severity Level
Warning Number
Target Sector
1 July, 2021
● High
2021-3128
All
Description:
Jenkins has released a security updates to address multiple vulnerabilities in the following products:
- Jenkins weekly
- up to and including 2.299
- Jenkins LTS
- up to and including 2.289.1
- CAS Plugin
- up to and including 1.6.0
- requests-plugin Plugin
- up to and including 2.2.6
- requests-plugin Plugin
- up to and including 2.2.12
- requests-plugin Plugin
- up to and including 2.2.7
- Selenium HTML report Plugin
- up to and including 1.0
Threats:
Attacker could exploit these vulnerabilities by executing arbitrary code.
Best practice and Recommendations:
The CERT team encourages users to review Jenkins security advisory and apply the necessary updates: