Jenkins 多插件高危漏洞总结 (沙箱绕过/命令注入/CSRF)
Security AdvisorySA-CORE-2026-001HighJenkins
Affected:
- script-security <= 1402.v94c9ce464861
- git-client <= 6.6.0
- workflow-cps <= 4331.vc06ed4658ff
- github-branch-source <= 1967.1969.v205fd594c821
- git-parameter <= 462.vdcf3df2ed2ca_
Fixed in:
- script-security >= 1402.vc96e74964250
- git-client >= 6.6.1
- workflow-cps >= 4331.4333.v50a_b_076c5199
- github-branch-source >= 1967.1970.v8d86979736546
- git-parameter >= 462.463.v496a_59f698e5
Referenced CVEs: CVE-2026-57293
文章内图片已隐藏以节省流量 · 升级 Pro 后可见图片及离线存档
本文由本平台从 www.jenkins.io 自动抓取,经 LLM 流水线清洗、双语翻译。版权归原作者。查看原文。