{"id":61935,"date":"2019-09-06T09:00:20","date_gmt":"2019-09-06T01:00:20","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=61935"},"modified":"2019-09-05T16:48:52","modified_gmt":"2019-09-05T08:48:52","slug":"%e8%97%8f%e5%9c%a8%e7%b4%94%e6%96%87%e5%ad%97%e6%aa%94%e7%9a%84jenkins%e5%a4%96%e6%8e%9b%e6%bc%8f%e6%b4%9e","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=61935","title":{"rendered":"\u85cf\u5728\u7d14\u6587\u5b57\u6a94\u7684Jenkins\u5916\u639b\u6f0f\u6d1e"},"content":{"rendered":"\n<p><\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/08\/Vulnerability-200x125.jpg\" alt=\"\"\/><\/figure><\/div>\n\n\n\n<p>Jenkins\u662f\u4e00\u5957\u88ab\u5ee3\u6cdb\u4f7f\u7528\u7684\u958b\u6e90\u81ea\u52d5\u5316\u4f3a\u670d\u5668\uff0c\u8b93 <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/definition\/devops?_ga=2.181651943.1969982195.1566184925-1532139796.1561107300\">DevOps<\/a> \u958b\u767c\u4eba\u54e1\u53ef\u4ee5\u6709\u6548\u7387\u4e14\u53ef\u9760\u5730\u5efa\u69cb\u3001\u6e2c\u8a66\u548c\u90e8\u7f72\u8edf\u9ad4\u3002\u70ba\u4e86\u8b93 Jenkins \u7684\u6a21\u7d44\u5316\u67b6\u69cb\u767c\u63ee\u6700\u5927\u4f5c\u7528\uff0c\u958b\u767c\u4eba\u54e1\u6703\u7528\u5916\u639b\u7a0b\u5f0f\u4f86\u64f4\u5145\u6838\u5fc3\u529f\u80fd\uff0c\u597d\u64f4\u5c55\u5efa\u69cb\u6642\u7684\u8173\u672c\u529f\u80fd\u3002\u5728\u672c\u6587\u64b0\u5beb\u6642\uff0cJenkins\u7684<a href=\"https:\/\/plugins.jenkins.io\/\">\u5916\u639b\u7a0b\u5f0f\u7d22\u5f15<\/a>\u88e1\u6709\u8d85\u904e1,600\u500b\u793e\u7fa4\u8ca2\u737b\u7684\u5916\u639b\u7a0b\u5f0f\u3002\u5176\u4e2d\u6709\u4e9b\u5916\u639b\u7a0b\u5f0f\u6703\u5132\u5b58\u672a\u52a0\u5bc6\u7684\u7d14\u6587\u5b57\u5e33\u5bc6\u3002\u4e00\u65e6\u767c\u751f\u8cc7\u6599\u5916\u6d29\uff0c\u7db2\u8def\u72af\u7f6a\u5206\u5b50\u5c31\u53ef\u80fd\u5728\u7d44\u7e54\u4e0d\u77e5\u60c5\u4e0b\u53d6\u5f97\u9019\u4e9b\u8cc7\u6599\u3002<\/p>\n\n\n\n<p>Jenkins\u5728<a href=\"https:\/\/jenkins.io\/security\/advisory\/2019-07-11\/\">7\u670811\u65e5<\/a>\u548c<a href=\"https:\/\/jenkins.io\/security\/advisory\/2019-07-11\/\">8\u67087\u65e5<\/a>\u767c\u5e03\u4e86\u8cc7\u5b89\u901a\u5831\uff0c\u5176\u4e2d\u5c31\u5305\u62ec\u4e86\u7528\u7d14\u6587\u5b57\u5132\u5b58\u5e33\u5bc6\u7684\u554f\u984c\u3002\u6211\u5011\u6703\u5728\u672c\u6587\u88e1\u8a0e\u8ad6\u6b64\u6f0f\u6d1e\u6703\u600e\u9ebc\u88ab\u5229\u7528\u4ee5\u53ca\u53d7\u5230\u5f71\u97ff\u7684\u5916\u639b\u7a0b\u5f0f\uff1a<\/p>\n\n\n\n<style>\n   table {border-collapse:collapse; table-layout:fixed; width:310px;}\n   table td {border:solid 1px ; width:100px; word-wrap:break-word;}\n   <\/style>\n\n<table  class=\"wp-block-table table table-hover\" ><tbody><tr><td>\n  <strong>CVE<\/strong><strong>\u7de8\u865f<\/strong>\n  <\/td><td>\n  <strong>\u5916\u639b\u7a0b\u5f0f\u540d\u7a31<\/strong>\n  <\/td><td>\n  <strong>\u66f4\u65b0\u7248\u672c\u5099\u8a3b<\/strong>\n  <\/td><\/tr><tr><td>\n  <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-10348\">CVE-2019-10348<\/a>\n  <\/td><td>\n  <a href=\"https:\/\/plugins.jenkins.io\/gogs-webhook\">Gogs<\/a>\n  <\/td><td>\n  Gogs\u5916\u639b\u7a0b\u5f0f\u7248\u672c1.0.15\n  <\/td><\/tr><tr><td>\n  <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-10350\">CVE-2019-10350<\/a>\n  <\/td><td>\n  <a href=\"https:\/\/plugins.jenkins.io\/port-allocator\">Port Allocator<\/a>\n  <\/td><td>\n  \u7576\u524d\u7248\u672c\u53ef\u80fd\u4e0d\u5b89\u5168\u3002\u5916\u639b\u7a0b\u5f0f\u53ef\u4ee5\u4f7f\u7528\u3002\u4e3b\u52d5\u5b89\u5168\u8b66\u544a\uff1a\u7528\u7d14\u6587\u5b57\u683c\u5f0f\u5132\u5b58\u5e33\u5bc6\n  <\/td><\/tr><tr><td>\n  <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-10351\">CVE-2019-10351<\/a>\n  <\/td><td>\n  <a href=\"https:\/\/plugins.jenkins.io\/caliper-ci\">Caliper CI<\/a>\n  <\/td><td>\n  \u4e3b\u52d5\u5b89\u5168\u8b66\u544a\uff1a\u7528\u7d14\u6587\u5b57\u683c\u5f0f\u5132\u5b58\u5e33\u5bc6\n  <\/td><\/tr><tr><td>\n  <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-10378\">CVE-2019-10378<\/a>\n  <\/td><td>\n  <a href=\"https:\/\/plugins.jenkins.io\/testlink\">TestLink<\/a>\n  <\/td><td>\n  \u76ee\u524d\u7248\u672c\u8ddf\u820a\u7248\u672c\u53ef\u80fd\u90fd\u4e0d\u5b89\u5168\u3002\u4e3b\u52d5\u5b89\u5168\u8b66\u544a\uff1a\u7528\u7d14\u6587\u5b57\u683c\u5f0f\u5132\u5b58\u5e33\u5bc6\n  <\/td><\/tr><tr><td>\n  <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-10385\">CVE-2019-10385<\/a>\n  <\/td><td>\n  <a href=\"https:\/\/plugins.jenkins.io\/eggplant-plugin\">eggPlant<\/a>\n  <\/td><td>\n  \u5916\u639b\u7a0b\u5f0f\u5df2\u505c\u7528\n  <\/td><\/tr><\/tbody><\/table>\n\n\n\n<p>\u88681. Jenkins\u5916\u639b\u7a0b\u5f0f\u51fa\u73fe\u7684\u6d29\u5bc6\u6f0f\u6d1e<\/p>\n\n\n\n<!--more-->\n\n\n\n<p>\u8981\u6ce8\u610f\u7684\u662f\uff0c\u76f4\u5230\u672c\u6587\u64b0\u5beb\u6642\uff0cPort Allocator\u3001TestLink\u548cCaliper CI\u5916\u639b\u7a0b\u5f0f\u7684\u6f0f\u6d1e\u90fd\u5c1a\u672a\u4fee\u5fa9\u3002eggPlant\u5916\u639b\u7a0b\u5f0f\u7684\u73fe\u4eca\u7248\u672c\u5df2\u88ab\u505c\u7528\u4e14\u4e0d\u5b89\u5168\u3002<\/p>\n\n\n\n<p><strong>\u53d6\u5f97\u5132\u5b58\u7684\u5e33\u5bc6<\/strong><\/p>\n\n\n\n<p>Jenkins\u5916\u639b\u7a0b\u5f0f\u7684\u6f0f\u6d1e\u53ef\u88ab\u7528\u4f86\u7aca\u53d6\u654f\u611f\u7684\u4f7f\u7528\u8005\u5e33\u5bc6\u3002\u7576\u6709\u5ef6\u4f38\u8b80\u53d6\u6b0a\u9650\u6216\u80fd\u5b58\u53d6\u4e3b\u6a94\u6848\u7cfb\u7d71\u7684\u4f7f\u7528\u8005\u5e33\u5bc6\u5916\u6d29\uff0c\u653b\u64ca\u8005\u5c31\u80fd\u5920\u5b58\u53d6\u5176\u4ed6\u6574\u5408\u7684\u670d\u52d9\n\u2013 \u7279\u5225\u662f\u7576\u4f7f\u7528\u8005\u5728\u4e0d\u540c\u5e73\u53f0\u6216\u670d\u52d9\u4f7f\u7528\u76f8\u540c\u7684\u5bc6\u78bc\u6642\u3002<\/p>\n\n\n\n<p>\u5916\u639b\u7a0b\u5f0f\u8a2d\u5b9a\u901a\u5e38\u7528XML\u6a94\u6848\u683c\u5f0f\u5132\u5b58\u5728<strong>$JENKINS_HOME<\/strong>\u6839\u76ee\u9304\u5167\uff0c\u8a72\u6a94\u6848\u5b9a\u7fa9\u4e86\u6bcf\u500b\u5916\u639b\u7a0b\u5f0f\u90fd\u5fc5\u9700\u7684\u7d50\u69cb\u548c\u8a2d\u7f6e\u3002\u5728\u5176\u4ed6\u6642\u5019\uff0c\u5916\u639b\u7a0b\u5f0f\u8a2d\u5b9a\u6703\u5132\u5b58\u6210\u4f5c\u696d\u8a2d\u5b9a\u7684\u4e00\u90e8\u5206\uff0c\u5982$JENKINS_HOME\/jobs\/new-job\/config.xml\u3002\u5982\u679c\u5e33\u5bc6\u662f\u5916\u639b\u7a0b\u5f0f\u8a2d\u5b9a\u7684\u4e00\u90e8\u5206\uff0c\u5b83\u5011\u61c9\u8a72\u88ab\u52a0\u5bc6\u5132\u5b58\uff0c\u4f46Gogs\u3001Port Allocator\u3001Caliper CI\u3001TestLink\u548ceggPlant\u7b49\u5916\u639b\u7a0b\u5f0f\u4e26\u975e\u9019\u6a23\u505a\u3002<\/p>\n\n\n\n<p>\u5b83\u5011\u4ee5\u672a\u52a0\u5bc6\u7684\u7d14\u6587\u5b57\u683c\u5f0f\u5132\u5b58\u5e33\u5bc6\uff1a<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/08\/FIGURE-1-PLAIN-TEXT.jpg\" alt=\"A screenshot of a social media post\n\nDescription automatically generated\"\/><\/figure>\n\n\n\n<p>\u57161. \u7d14\u6587\u5b57\u5132\u5b58\u7684API token<\/p>\n\n\n\n<p>\u5132\u5b58\u5e33\u5bc6\u7684\u6b63\u78ba\u65b9\u6cd5\u662f\u7528\u7b2c\u4e09\u65b9\u5e33\u5bc6\u7a0b\u5f0f\uff0c\u5c31\u50cf\u662f<a href=\"https:\/\/plugins.jenkins.io\/credentials\">Credentials<\/a>\u5916\u639b\u7a0b\u5f0f\uff0c\u7136\u5f8c\u900f\u904e\u8a2d\u5b9a\u6a94\u5167<strong>credentialsId<\/strong>\u53c3\u7167\u3002\u6839\u64da\u898f\u6a21\u548c\u5176\u4ed6\u9700\u6c42\uff0c\u4e5f\u53ef\u4ee5\u4f7f\u7528<a href=\"https:\/\/javadoc.jenkins.io\/index.html?hudson\/util\/Secret.html\">Secret<\/a>\uff08\u4e5f\u662f\u52a0\u5bc6\u5132\u5b58\uff09\u4f86\u5132\u5b58\u5e33\u5bc6\u3002<\/p>\n\n\n\n<p>\u53ef\u4ee5\u8b80\u53d6\u8a2d\u5b9a\u6a94\u7684\u4f7f\u7528\u8005\u53ea\u6703\u770b\u5230\u53c3\u7167\u7528\u7684<strong>credentialsId<\/strong>\u3002\u5be6\u969b\u5e33\u5bc6\u5132\u5b58\u5728\u5225\u7684\u5730\u65b9\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/08\/FIGURE-2.jpg\" alt=\"A screenshot of a cell phone\n\nDescription automatically generated\"\/><\/figure>\n\n\n\n<p>\u57162. <strong>credentialsID<\/strong>\u53c3\u7167<\/p>\n\n\n\n<p>\u9810\u8a2d\u5efa\u8b70\u5916\u639b\u5217\u8868\u5167\u7684Credentials\u5916\u639b\u7a0b\u5f0f\u88ab\u7528\u4f86\u5132\u5b58\u52a0\u5bc6\u5e33\u5bc6\u3002\u4ee5\u4e0b\u63cf\u8ff0\u4e86\u5e33\u5bc6\u5132\u5b58\u8a73\u7d30\u8cc7\u8a0a\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/08\/FIGURE-3-900x309.png\" alt=\"A screenshot of a cell phone\n\nDescription automatically generated\"\/><\/figure>\n\n\n\n<p>\u57163. \u4f7f\u7528Jenkins Credentials\u53c3\u7167\u5132\u5b58\u5e33\u5bc6<\/p>\n\n\n\n<p>\u6b64\u5916\u639b\u7a0b\u5f0f\u5c07\u52a0\u5bc6\u904e\u7684\u5e33\u5bc6\u5132\u5b58\u5728<strong>$JENKINS_HOME\/credentials.xml<\/strong>\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/08\/FIGURE-4.jpg\" alt=\"A screenshot of a social media post\n\nDescription automatically generated\"\/><\/figure>\n\n\n\n<p>\u57164. \u52a0\u5bc6\u5e33\u5bc6\u5132\u5b58\u7684\u7bc4\u4f8b<\/p>\n\n\n\n<p>\u5728\u4e0a\u9762\u7684\u7bc4\u4f8b\u4e2d\uff0c\u5bc6\u78bc\u7528base64\u7de8\u78bc\u5132\u5b58\u5728\u5927\u62ec\u865f\u5167\uff0cbase64\u662f\u7528\u4f86\u7de8\u78bc\u4e8c\u9032\u4f4d\u8cc7\u6599\u597d\u5728\u53ea\u8655\u7406\u6587\u5b57\u8cc7\u6599\u7684\u5e73\u53f0\u4e0a\u9032\u884c\u7de8\u78bc\u3001\u5132\u5b58\u548c\u50b3\u8f38\uff09\u3002\u6211\u5011\u4f7f\u7528base64\u89e3\u78bc\u5668\u5f8c\u53ef\u4ee5\u770b\u5230\u6709\u67d0\u4e9b\u7121\u6cd5\u5217\u5370\u7684\u5b57\u5143\u88ab\u7de8\u78bc\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/08\/FIGURE-5.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>\u5be6\u969b\u4e0a\uff0c\u52a0\u5bc6\u904e\u7684\u5bc6\u78bc\u53ca\u5f8c\u8a2d\u8cc7\u6599\u88ab\u4e00\u8d77\u7528base64\u9032\u884c\u7de8\u78bc\u3002<\/p>\n\n\n\n<p>\u89e3\u5bc6\u7528\u7684\u91d1\u9470\u88ab\u5beb\u5165\u6bcf\u500bJenkins instance\u3002\u597d\u6d88\u606f\u662f\u6bcf\u6b21\u5b89\u88ddJenkins\u90fd\u6703\u6709\u4e0d\u540c\u7684\u91d1\u9470\u3002\u91d1\u9470\u88ab\u52a0\u5bc6\u5132\u5b58\u5728<strong>$JENKINS_HOME\/secrets\/hudson.util.Secret<\/strong>\u3002\u6c92\u6709\u55ae\u4e00\u4e3b\u91d1\u9470\u53ef\u4ee5\u6253\u958b\u6240\u6709instance\u3002<strong>hudson.util.Secret<\/strong>\u6a94\u6848\u662f\u7528\u4e3b\u91d1\u9470\u7522\u751f\u7684\u91d1\u9470\u4ee5AES\u52a0\u5bc6 \u2013 \u4e5f\u662f\u6bcf\u6b21\u5b89\u88ddJenkins\u90fd\u4e0d\u540c\u3002<\/p>\n\n\n\n<p>\u6240\u4ee5\u5f88\u91cd\u8981\u7684\u662f\u5fc5\u9808\u4fdd\u8b77\u597d<strong>$JENKINS_HOME\/secrets<\/strong>\u76ee\u9304\u4e0d\u88ab\u4efb\u610f\u5b58\u53d6\uff0c\u624d\u4e0d\u6703\u8b93\u5132\u5b58\u7684\u5e33\u5bc6\u66b4\u9732\u51fa\u4f86\u3002\u5728\u4e3b\u7bc0\u9ede\u4e0a\u57f7\u884c\u4f5c\u696d\u6216\u5efa\u7f6e\u5c0e\u81f4\u7684\u6d3b\u52d5\u53ef\u80fd\u6703\u5f71\u97ff\u5230Jenkins\u6574\u9ad4\u7684\u5b89\u5168\u6027\uff0c\u5982\u5b89\u88dd\u5916\u639b\u7a0b\u5f0f\u3001\u5efa\u7acb\u65b0\u4f5c\u696d\u53ca\u8b80\u53d6\u548c\u53d6\u5f97\u5e33\u5bc6\u8207\u5176\u4ed6\u79c1\u5bc6\u8cc7\u6599\u3002\u5728\u4e3b\u7bc0\u9ede\u4e0a\u904b\u884c\u7684\u4f5c\u696d\u9084\u6703\u8b93\u8f03\u4f4e\u6b0a\u9650\u7684\u4f7f\u7528\u8005\u5e33\u6236\u53d6\u5f97\u7ba1\u7406\u54e1\u6b0a\u9650\uff0c\u8b93\u5b83\u53ef\u4ee5\u7528<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/jenkins-admins-relying-on-default-settings-could-put-master-at-risk-of-remote-code-execution-attacks\/\">shell\u547d\u4ee4<\/a>\u5370\u51fa\u6240\u6709\u5bc6\u78bc\u6a94\u3002<\/p>\n\n\n\n<p><strong>\u5b89\u5168\u5efa\u8b70<\/strong><\/p>\n\n\n\n<p>\u7528\u7d14\u6587\u5b57\u683c\u5f0f\u5132\u5b58\u5e33\u5bc6\u6703\u5c0d\u7d44\u7e54\u9020\u6210\u76f4\u63a5\u7684\u5a01\u8105\u3002\u540c\u6642\u7ba1\u7406\u54e1\u9084\u5fc5\u9808\u8a18\u5f97\uff0c\u6709\u6b0a\u9650\u5b58\u53d6 <strong>$JENKINS_HOME\/secrets<\/strong>\u76ee\u9304\u7684\u4f7f\u7528\u8005\u4e5f\u53ef\u4ee5\u5b58\u53d6\u5132\u5b58\u7684\u5e33\u5bc6\u3002<strong>$JENKINS_HOME\/hudson.util.Secret<\/strong> \u8207 <strong>$JENKINS_HOME\/secrets\/master.key<\/strong>\u662f\u7528\u4f86\u89e3\u5bc6\u5132\u5b58\u7684\u5bc6\u78bc\uff0c\u5982\u679c\u6d29\u9732\u6703\u5c0e\u81f4\u5132\u5b58\u7684\u5bc6\u78bc\u88ab\u89e3\u5bc6\u3002<\/p>\n\n\n\n<p>\u8ddf\u4efb\u4f55\u7684DevOps\u5de5\u5177\u4e00\u6a23\uff0cJenkins\u61c9\u8a72\u8981\u8003\u616e\u5230\u5b89\u5168\u6027\u3002Jenkins\u9810\u8a2d\u4e26\u4e0d\u6703\u57f7\u884c\u5b89\u5168\u6aa2\u67e5\u3002\u56e0\u6b64\uff0cJenkins\u5efa\u8b70\u4f7f\u7528\u8005\u8981\u9075\u5faa<a href=\"https:\/\/wiki.jenkins.io\/display\/JENKINS\/Jenkins+Best+Practices\">\u6700\u4f73\u5be6\u4f5c<\/a>\uff0c\u5305\u62ec\u5c0d\u4f7f\u7528\u8005\u9032\u884c\u8eab\u4efd\u8a8d\u8b49\u3001\u8981\u6c42\u5b58\u53d6\u63a7\u5236\uff0c\u4e0d\u8981\u5728\u4e3b\u7bc0\u9ede\u4e0a\u5efa\u7f6e\u6210\u66f4\u5927\u7684\u7cfb\u7d71\u3002\u5982\u679c\u5fc5\u9808\u5728\u4e3b\u7bc0\u9ede\u4e0a\u57f7\u884c\u4f5c\u696d\uff0cJenkins\u5efa\u8b70\u4f7f\u7528<a href=\"https:\/\/wiki.jenkins.io\/display\/JENKINS\/Job+Restrictions+Plugin\">Job\nRestrictions<\/a>\u5916\u639b\u7a0b\u5f0f\uff0c\u53ef\u4ee5\u6839\u64da\u4f7f\u7528\u8005\u6b0a\u9650\u4f86\u9650\u5236\u4f5c\u696d\u57f7\u884c\u6216\u7bc0\u9ede\u8a2d\u5b9a\u3002<\/p>\n\n\n\n<p>\u4f01\u696d\u53ef\u4ee5\u5229\u7528<a href=\"https:\/\/www.trendmicro.com\/zh_tw\/business\/products\/hybrid-cloud\/development-operations.html\">\u8da8\u52e2\u79d1\u6280\u7684DevOps\u5b89\u5168\u89e3\u6c7a\u65b9\u6848<\/a>\uff0c\u900f\u904eAPI\u5c07\u5b89\u5168\u6027\u878d\u5165\u958b\u767c\u6d41\u7a0b\uff0c\u9032\u800c\u6539\u5584\u958b\u767c\u9031\u671f\u4e26\u6e1b\u5c11\u4eba\u70ba\u63a5\u89f8\u548c\u932f\u8aa4\u3002\u9019\u6a23\u7684\u5b89\u5168\u89e3\u6c7a\u65b9\u6848\u9084\u53ef\u4ee5\u900f\u904e\u5feb\u901f\u5f97\u5230\u5b89\u5168\u56de\u994b\u4f86\u6e1b\u5c11\u958b\u767c\u6642\u7a0b\u548c\u5de5\u4f5c\u6d41\u4e2d\u65b7\uff0c\u4e26\u4e14\u4fdd\u8b77\u6620\u50cf\u6a94\u3001\u5bb9\u5668\u548c\u4e3b\u6a5f\u3002<\/p>\n\n\n\n<p>@\u539f\u6587\u51fa\u8655\uff1a<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/hiding-in-plain-text-jenkins-plugin-vulnerabilities\/\">Hiding\nin Plain Text: Jenkins Plugin Vulnerabilities<\/a> \u4f5c\u8005\uff1aDavid Fiser\uff08\u8cc7\u6df1\u7db2\u8def\u5a01\u8105\u7814\u7a76\u54e1\uff09<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Jenkins\u662f\u4e00\u5957\u88ab\u5ee3\u6cdb\u4f7f\u7528\u7684\u958b\u6e90\u81ea\u52d5\u5316\u4f3a\u670d\u5668\uff0c\u8b93 DevOps \u958b\u767c\u4eba\u54e1\u53ef\u4ee5\u6709\u6548\u7387\u4e14\u53ef\u9760\u5730\u5efa\u69cb\u3001\u6e2c\u8a66\u548c\u90e8\u7f72 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[1268,3654,3347],"tags":[452,1283],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/61935"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=61935"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/61935\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=61935"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=61935"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=61935"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}