
Security flaws in 100 Jenkins plugins put enterprise networks at risk - jmsflknr
https://www.zdnet.com/article/security-flaws-in-100-jenkins-plugins-put-enterprise-networks-at-risk/
======
bifrost
I wonder how many Jenkins exploits will lead people to put their Jenkins hosts
behind a perimiter? When is enough enough?

~~~
bdibs
Jenkins should be behind a perimeter regardless of active exploits, leaving it
open to the public internet is just asking for trouble.

~~~
bifrost
Yeah, but some people still seem to think leaving it out there is a good idea.
It baffles me frankly.

