Serial number: AV24-556
Date: October 2, 2024
On October 2, 2024, Jenkins published a security advisory to address vulnerabilities in the following products:
- Jenkins weekly – version 2.478 and prior
- Jenkins LTS – version 2.462.2 and prior
- Credentials Plugin – version 1380.va_435002fa_924 and prior
- OpenId Connect Authentication Plugin – version 4.354.v321ce67a_1de8 and prior
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.
This alert was originated From: Canadian Centre for Cyber Security
https://cyber.gc.ca/en/alerts-advisories/jenkins-security-advisory-av24-556