Ref# ADV2025_97 | Date: Apr 1st 2025

---

Jenkins has published a security advisory highlighting vulnerabilities in the following products on March 19th, 2025. It is recommended that you take the necessary precautions by ensuring your products are always updated.

• AnchorChain Plugin – version 1.0 and prior 
• EDDSA API Plugin – version 3.0-13.v7cb_69ed68f00 and prior 
• Zoho QEngine Plugin – version 0.29.vfa_cc23396502 and prior 

For more information on these updates, you can follow this URL: 

Jenkins Security Advisory 2025-03-19

The Guyana National CIRT recommends that users and administrators review this update and apply it where necessary.

PDF Download: Jenkins Security Advisory

References

• Jenkins Security Advisories. (March 19th, 2025). Retrieved from Jenkins. https://www.jenkins.io/security/advisories/
• Jenkins Security Advisory. (March 19th, 2025). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/jenkins-security-advisory-av25-149