Skip to main content

Jenkins Multiple Vulnerabilities

Release Date: 10 May 2024 2688 Views

RISK: Medium Risk

TYPE: Operating Systems - Mobile & Apps

TYPE: Mobile & Apps

Multiple vulnerabilities were identified in Jenkins. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, sensitive information disclosure, denial of service and security restriction bypass on the targeted system.


Impact

  • Remote Code Execution
  • Information Disclosure
  • Security Restriction Bypass
  • Denial of Service

System / Technologies affected

  • Git server Plugin up to and including 114.v068a_c7cc2574
  • Script Security Plugin up to and including 1335.vf07d9ce377a_e
  • Subversion Partial Release Manager Plugin up to and including 1.0.1
  • Telegram Bot Plugin up to and including 1.4.0

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

 


Vulnerability Identifier


Source


Related Link