Jenkins warns of security holes in these 25 plugins

  • 📰 TheRegister

Relax, most of the vulnerabilities so far have, er, no fix

Jenkins, an open-source automation server for continuous integration and delivery, has published 34 security advisories covering 25 plugins used to extend the software. The vulnerabilities described include: cross-site scripting; passwords, API keys, secrets, and tokens stored in plaintext; cross-site request forgery; and missing and incorrect permission checks.

Jenkins, he said, is fairly common and can be taken as another example of an under-supported open-source platform. Indeed, for 21 out of the 25 cited plugins, no fixes are available. from June 22, covering 28 plugins and Jenkins core software. For 14 of these plugins, no fix is available.

“These kinds of flaws are not uncommon – in past research at NCC Group, we’ve found vulnerabilities in over ,” said Jennifer Fernick, SVP and global head of research at NCC Group, a security consultancy, in an email to “Concerningly, several of even the high-severity vulnerabilities in today’s advisory lack patches, leaving development teams using these plugins entirely vulnerable to attack. This is particularly concerning given the highly privileged nature of automation tools such as Jenkins, and the ways in which insecure CI/CD pipelines can enable supply chain attacks during the software development process.”
