
Jenkins Alert

Classification
These posts contain security alerts, including digital loopholes, electronic attacks, and technical updates, and they are classified based on the level of severity.

Critical

High

Medium

Low

Warning Date: 16 March, 2022
Severity Level: Medium
Warning Number: 2022-4527
Target Sector: All

Description:

Jenkins has released a security update to address vulnerabilities in the following products:

  • CloudBees AWS Credentials Plugin up to and including 189.v3551d5642995
  • Dashboard View Plugin up to and including 2.18
  • dbCharts Plugin up to and including 0.5.2
  • Environment Dashboard Plugin up to and including 1.1.10
  • Extended Choice Parameter Plugin up to and including 346.vd87693c5a_86c
  • Favorite Plugin up to and including 2.4.0
  • Folder-based Authorization Strategy Plugin up to and including 1.3
  • GitLab Authentication Plugin up to and including 1.13
  • global-build-stats Plugin up to and including 1.5
  • incapptic connect uploader Plugin up to and including 1.15
  • Kubernetes Continuous Deploy Plugin up to and including 2.3.1
  • List Git Branches Parameter Plugin up to and including 0.0.9
  • Parameterized Trigger Plugin up to and including 2.43
  • Release Helper Plugin up to and including 1.3.3
  • Semantic Versioning Plugin up to and including 1.13
  • VMware vRealize CodeStream Plugin up to and including 1.2
Threats:

An attacker could exploit these vulnerabilities to carry out the following:

  • Cross-site scripting (XSS)
  • Cross-site request forgery (CSRF)
Best practice and Recommendations:

The CERT team encourages users to update the affected versions and to review the Jenkins security advisory:

Last updated at 16 March, 2022
