diff --git a/resources/artifact-ignores.properties b/resources/artifact-ignores.properties index 1880a0c62..06c332e5a 100644 --- a/resources/artifact-ignores.properties +++ b/resources/artifact-ignores.properties @@ -752,3 +752,6 @@ katalon = https://issues.jenkins.io/browse/JENKINS-69164 # Incompatible with Java 8, but does not require 2.357+ to restrict itself to Java 11 only releases of Jenkins trilead-api-1.71.v9e7860a_67a_df + +kubernetes-cd = https://www.jenkins.io/security/plugins/#suspensions + diff --git a/resources/warnings.json b/resources/warnings.json index 7c24af9fe..b8c53e516 100644 --- a/resources/warnings.json +++ b/resources/warnings.json @@ -13662,5 +13662,57 @@ "pattern": "([1-3]|4[.][0-8]|4[.]10|4[.]11[.][0-3]|4[.]9[.][0-2])(|[.-].+)" } ] + }, + { + "id": "SECURITY-2157", + "type": "plugin", + "name": "collabnet", + "message": "RabbitMQ password stored in plain text", + "url": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2157", + "versions": [ + { + "lastVersion": "2.0.8", + "pattern": "(1|2[.]0[.][1-8])(|[.-].+)" + } + ] + }, + { + "id": "SECURITY-2448", + "type": "plugin", + "name": "kubernetes-cd", + "message": "RCE vulnerability", + "url": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2448", + "versions": [ + { + "lastVersion": "2.3.1", + "pattern": ".*" + } + ] + }, + { + "id": "SECURITY-2765", + "type": "plugin", + "name": "jobConfigHistory", + "message": "Stored XSS vulnerability", + "url": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2765", + "versions": [ + { + "lastVersion": "1165.v8cc9fd1f4597", + "pattern": "([12]|1119|113[39]|114[68]|115[56]|116[35])(|[.-].+)" + } + ] + }, + { + "id": "SECURITY-2796", + "type": "plugin", + "name": "git", + "message": "Improper masking of credentials", + "url": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2796", + "versions": [ + { + "lastVersion": "4.11.4", + "pattern": "([1-3]|4[.][0-8]|4[.]10|4[.]11[.][0-4]|4[.]9[.][0-3])(|[.-].+)" + } + ] } ]