Anomalous plugin installed

ID

anomalous_plugin_installed

Severity

high

Resource

Jenkins Plugin

Description

Detects the installation of a plugin version with known vulnerabilities, or of a plugin that was installed manually, in a Jenkins instance.

By monitoring changes to the set of currently installed plugins, the Xygeni sensor reports in real time when a vulnerable plugin is installed.
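
The change-based check described above can be sketched as a diff between two snapshots of the installed-plugin inventory; this is an added example, not Xygeni's code. The plugin names, the advisory set, the update-site catalogue and the rule that a version missing from that catalogue counts as manually installed are all assumptions made for the illustration.

```python
# Added example: flag risky changes between two plugin inventory snapshots.
# Each snapshot is a list of dicts with "shortName" and "version" keys,
# the field names Jenkins uses for plugins in its plugin manager JSON output.

# Constructed data: hypothetical plugins and versions, not real advisories.
VULNERABLE = {("example-scm", "1.2.0"), ("example-auth", "3.0.1")}

# Constructed data: hypothetical view of what the update site offers.
UPDATE_SITE = {
    "example-scm": {"1.2.0", "1.3.0"},
    "example-auth": {"3.0.1", "3.1.0"},
}


def index(snapshot):
    """Map plugin short name -> installed version."""
    return {p["shortName"]: p["version"] for p in snapshot}


def detect(before, after, vulnerable=VULNERABLE, update_site=UPDATE_SITE):
    """Return (name, version, reason) for every added or changed plugin
    that is a known-vulnerable version or is absent from the update site."""
    old, new = index(before), index(after)
    findings = []
    for name, version in sorted(new.items()):
        if old.get(name) == version:
            continue  # unchanged since the last snapshot: nothing new to report
        if (name, version) in vulnerable:
            findings.append((name, version, "known_vulnerable_version"))
        # Assumption: a version the update site does not list was uploaded by hand.
        if version not in update_site.get(name, set()):
            findings.append((name, version, "not_from_update_site"))
    return findings


# Constructed snapshots: a downgrade to a vulnerable version and a hand-uploaded plugin.
BEFORE = [
    {"shortName": "example-scm", "version": "1.3.0"},
    {"shortName": "example-auth", "version": "3.1.0"},
]
AFTER = [
    {"shortName": "example-scm", "version": "1.2.0"},
    {"shortName": "example-auth", "version": "3.1.0"},
    {"shortName": "custom-tool", "version": "0.9"},
]

if __name__ == "__main__":
    for finding in detect(BEFORE, AFTER):
        print(finding)
```

Because only added or changed entries are examined, a downgrade to a vulnerable version is caught the same way as a fresh install.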

Impact

Although the Jenkins project has taken steps to address this issue and mitigate the risks associated with vulnerable plugins, there have been cases where vulnerable plugins were available on the Jenkins update site. It is ultimately the responsibility of administrators to ensure the security of their Jenkins instances.

Supported Technologies

This detector is supported by the following sensors:

Jenkins   Jenkins Sensor