2022-08-23 security advisory

resources/artifact-ignores.properties

@@ -752,3 +752,6 @@ katalon = https://issues.jenkins.io/browse/JENKINS-69164
 
 # Incompatible with Java 8, but does not require 2.357+ to restrict itself to Java 11 only releases of Jenkins
 trilead-api-1.71.v9e7860a_67a_df
+
+kubernetes-cd = https://www.jenkins.io/security/plugins/#suspensions
+

resources/warnings.json

@@ -13662,5 +13662,57 @@
         "pattern": "([1-3]|4[.][0-8]|4[.]10|4[.]11[.][0-3]|4[.]9[.][0-2])(|[.-].+)"
       }
     ]
+  },
+  {
+    "id": "SECURITY-2157",
+    "type": "plugin",
+    "name": "collabnet",
+    "message": "RabbitMQ password stored in plain text",
+    "url": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2157",
+    "versions": [
+      {
+        "lastVersion": "2.0.8",
+        "pattern": "(1|2[.]0[.][1-8])(|[.-].+)"
+      }
+    ]
+  },
+  {
+    "id": "SECURITY-2448",
+    "type": "plugin",
+    "name": "kubernetes-cd",
+    "message": "RCE vulnerability",
+    "url": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2448",
+    "versions": [
+      {
+        "lastVersion": "2.3.1",
+        "pattern": ".*"
+      }
+    ]
+  },
+  {
+    "id": "SECURITY-2765",
+    "type": "plugin",
+    "name": "jobConfigHistory",
+    "message": "Stored XSS vulnerability",
+    "url": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2765",
+    "versions": [
+      {
+        "lastVersion": "1165.v8cc9fd1f4597",
+        "pattern": "([12]|1119|113[39]|114[68]|115[56]|116[35])(|[.-].+)"
+      }
+    ]
+  },
+  {
+    "id": "SECURITY-2796",
+    "type": "plugin",
+    "name": "git",
+    "message": "Improper masking of credentials",
+    "url": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2796",
+    "versions": [
+      {
+        "lastVersion": "4.11.4",
+        "pattern": "([1-3]|4[.][0-8]|4[.]10|4[.]11[.][0-4]|4[.]9[.][0-3])(|[.-].+)"
+      }
+    ]
   }
 ]