Viktor is a security consultant and the 2019 Jenkins Security MVP.
This is a speaker blog post for a DevOps World | Jenkins World 2019 talk in Lisbon, Portugal and has been posted in line with NCC Group responsible disclosure policy.
Related Jenkins security advisories:
Some of the vulnerabilities have been announced without a fix, see Jenkins Security Spring Cleaning 2019.
The most of the announced vulnerabilities are fixed at the moment of this blogpost publishing.
Come join us...