The developers of Jenkins recently patched several vulnerabilities, including a critical weakness that can be exploited by a remote attacker for arbitrary code execution.
Article Link: http://feedproxy.google.com/~r/Securityweek/~3/rChvtwCQmpA/critical-flaw-patched-jenkins-automation-server