Jenkins Security Advisory (January 29th, 2025)

Ref# ADV2025_19 | Date: Jan 29th 2025

Jenkins has published a security advisory highlighting vulnerabilities in the following products on January 22nd, 2025. It is recommended that you take the necessary precautions by ensuring your products are always updated. 

  • Azure Service Fabric Plugin – version 1.6 and prior  
  • Bitbucket Server Integration Plugin – version 4.1.3 and prior  
  • Eiffel Broadcaster Plugin – version 2.10.2 and prior  
  • Folder-based Authorization Strategy Plugin – version 17.vd5b_18537403e and prior  
  • GitLab Plugin – version 1.9.6 and prior  
  • OpenId Connect Authentication Plugin – version 4.452.v2849b_d3945fa_ and prior  
  • Zoom Plugin – up to and including 1.5 

For more information on these updates, you can follow these URLs: 

The Guyana National CIRT recommends that users and administrators review this update and apply it where necessary.

PDF Download: Jenkins Security Advisory

References