Jenkins security advisory (AV25-276)

Serial number: AV25-276
Date: May 14, 2025

On May 14, 2025, Jenkins published a security advisory to address vulnerabilities in the following products:

  • Cadence vManager Plugin – version 4.0.1-286.v9e25a_740b_a_48 and prior
  • DingTalk Plugin – version 2.7.3 and prior
  • Health Advisor by CloudBees Plugin – version 374.v194b_d4f0c8c8 and prior
  • OpenID Connect Provider Plugin – version 96.vee8ed882ec4d and prior
  • WSO2 Oauth Plugin – version 1.0 and prior

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

Date modified: