Ref# ADV2025_312 | Date: Sep 4th 2025

---

Jenkins has published a security advisory highlighting vulnerabilities in the following products on September 3rd, 2025. It is recommended that you take the necessary precautions by ensuring your products are always updated. 

• Git Client Plugin – version 6.3.2 and prior 
• Jakarta Mail API Plugin – version 2.1.3-2 and prior 
• Global-build-stats Plugin – version 322.v22f4db_18e2dd and prior 
• OpenTelemetry Plugin – version 3.1543.v8446b_92b_cd64 and prior 

For more information on these updates, you can follow these URLs: 

• Jenkins Security Advisory 2025-09-03 

• Jenkins Security Advisories 

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary. 

PDF Download: Jenkins Security Advisory

References 

• Jenkins Security Advisories. (September 3rd, 2025). Retrieved from Jenkins. https://www.jenkins.io/security/advisories/  

• Jenkins Security Advisory. (September 4th, 2025). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/jenkins-security-advisory-av25-564