A cross-site request forgery (CSRF) vulnerability in Jenkins promoted builds Plugin 3.9 and previous versions allows malicious users to to promote builds.
An incorrect permission check in Jenkins Role-based Authorization Strategy Plugin 31 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read permission for parent folders ...
Jenkins is an open source automation server which enables developers around
the world to reliably build, test, and deploy their software
The following releases contain fixes for security vulnerabilities:
* Jenkins 2287
* Jenkins LTS 22772
* Micro Focus Application Automation Tools Plugin 68
* promoted builds Plugin 391
Summaries of the v ...