Jenkins多插件安全公告:命令注入/沙箱绕过/CSRF等
Security AdvisoryHighJenkins
Affected:
- Script Security Plugin ≤ 1402.v94c9ce464861
- Git client Plugin ≤ 6.6.0
- Pipeline: Groovy Plugin ≤ 4331.vd056d4658ff
- GitHub Branch Source Plugin ≤ 1967.1969.v205fd594c821
- Git Parameter Plugin ≤ 462.vdcf3df2ed2ca_
Fixed in:
- Script Security Plugin ≥ 1402.vc96e74964250
- Git client Plugin ≥ 6.6.1
- Pipeline: Groovy Plugin ≥ 4331.4333.v50a_b_076c5199
- GitHub Branch Source Plugin ≥ 1967.1970.v8d6979736546
- Git Parameter Plugin ≥ 462.463.v496a_59f698e5
Referenced CVEs: CVE-2026-57296
文章内图片已隐藏以节省流量 · 升级 Pro 后可见图片及离线存档
本文由本平台从 www.jenkins.io 自动抓取,经 LLM 流水线清洗、双语翻译。版权归原作者。查看原文。