The Jenkins project will publish a security advisory for Jenkins and Jenkins plugins on Wednesday, June 14.
It announces a security vulnerability that is already fixed in the latest weekly releases and Jenkins LTS 2.401.1. Its severity is 'High'.
Additionally, it announces security issues in Jenkins plugins. The highest severity is 'High' and affects plugins installed on less than 1% of known instances. The most popular included plugins are installed on between 1% and 3% of known instances and have 'Medium' severity issues. The advisory includes issues that will be published without a fix as outlined at
https://www.jenkins.io/security/plugins/