Serial number: AV24-658
Date: November 13, 2024
On November 13, 2024, Jenkins published a security advisory to address vulnerabilities in the following products:
- Authorize Project Plugin – version 1.7.2 and prior
- IvyTrigger Plugin – version 1.01 and prior
- OpenId Connect Authentication Plugin – version 4.418.vccc7061f5b_6d and prior
- Pipeline: Declarative Plugin – version 2.2214.vb_b_34b_2ea_9b_83 and prior
- Pipeline: Groovy Plugin – version 3990.vd281dd77a_388 and prior
- Script Security Plugin – version 1367.vdf2fc45f229c and prior
- Shared Library Version Override Plugin – version 17.v786074c9fce7 and prior
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.