Program Removed
This program is no longer available on YesWeHack. The scope data shown below is historical and may not reflect the final state of the program.
jenkins-bug-bounty-program
34
In Scope
6
Out of Scope
In-Scope Assets (34)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| https://github.com/jenkinsci/credentials-binding-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/credentials-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/git-client-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/git-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/github-branch-source-plugin | OPEN-SOURCE | Yes | - | |
| https://github.com/jenkinsci/github-branch-source-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/github-plugin | OPEN-SOURCE | Yes | - | |
| https://github.com/jenkinsci/github-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/jelly | CODE | Yes | - | |
| https://github.com/jenkinsci/jenkins | CODE | Yes | - | |
| https://github.com/jenkinsci/ldap-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/matrix-auth-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/pipeline-build-step-plugin | OPEN-SOURCE | Yes | - | |
| https://github.com/jenkinsci/pipeline-build-step-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/pipeline-groovy-lib-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/pipeline-groovy-lib-plugin | OPEN-SOURCE | Yes | - | |
| https://github.com/jenkinsci/pipeline-input-step-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/pipeline-input-step-plugin | OPEN-SOURCE | Yes | - | |
| https://github.com/jenkinsci/pipeline-stage-step-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/pipeline-stage-step-plugin | OPEN-SOURCE | Yes | - | |
| https://github.com/jenkinsci/plain-credentials-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/remoting | CODE | Yes | - | |
| https://github.com/jenkinsci/remoting | OPEN-SOURCE | Yes | - | |
| https://github.com/jenkinsci/script-security-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/ssh-agents-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/ssh-credentials-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/stapler | CODE | Yes | - | |
| https://github.com/jenkinsci/winstone | CODE | Yes | - | |
| https://github.com/jenkinsci/workflow-cps-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/workflow-multibranch-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/workflow-multibranch-plugin | OPEN-SOURCE | Yes | - | |
| https://github.com/jenkinsci/workflow-scm-step-plugin | CODE | Yes | - | |
| https://github.com/jenkinsci/workflow-support-plugin | OPEN-SOURCE | Yes | - | |
| https://github.com/jenkinsci/workflow-support-plugin | CODE | Yes | - |
Out-of-Scope Assets (6)
| Asset | Category | Bounty | |
|---|---|---|---|
| any components/plugins not explicitly included are not in scope (e.g. forks, libraries or packages) | OTHER | Yes | |
| docker images are not in scope for this program | OTHER | Yes | |
| everything from https://www.jenkins.io/security/reporting/#non-issues, and in addition the following items | OTHER | Yes | |
| jenkins installers are not in scope | OTHER | Yes | |
| jenkins instances hosted by users are not in scope | OTHER | Yes | |
| jenkins project infrastructure (the one hosted by the project) is not in scope | OTHER | Yes |
Scope Changes (100)
Mar 6, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Program Removed | — | — | — | 16:39 |
Feb 25, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | https://github.com/jenkinsci/stapler | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/workflow-cps-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/ssh-agents-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/git-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/pipeline-groovy-lib-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/winstone | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/credentials-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/credentials-binding-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/matrix-auth-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/jelly | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/remoting | CODE | In Scope | 19:08 |
| Added | jenkins installers are not in scope | OTHER | Out of Scope | 19:08 |
| Added | https://github.com/jenkinsci/pipeline-build-step-plugin | CODE | In Scope | 19:08 |
| Added | any components/plugins not explicitly included are not in scope (e.g. forks, libraries or packages) | OTHER | Out of Scope | 19:08 |
| Added | https://github.com/jenkinsci/plain-credentials-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/workflow-scm-step-plugin | CODE | In Scope | 19:08 |
| Added | jenkins project infrastructure (the one hosted by the project) is not in scope | OTHER | Out of Scope | 19:08 |
| Added | jenkins instances hosted by users are not in scope | OTHER | Out of Scope | 19:08 |
| Added | https://github.com/jenkinsci/jenkins | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/github-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/pipeline-input-step-plugin | CODE | In Scope | 19:08 |
| Added | docker images are not in scope for this program | OTHER | Out of Scope | 19:08 |
| Added | https://github.com/jenkinsci/ldap-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/workflow-multibranch-plugin | CODE | In Scope | 19:08 |
| Added | everything from https://www.jenkins.io/security/reporting/#non-issues, and in addition the following items | OTHER | Out of Scope | 19:08 |
| Added | https://github.com/jenkinsci/script-security-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/git-client-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/workflow-support-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/github-branch-source-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/pipeline-stage-step-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/ssh-credentials-plugin | CODE | In Scope | 19:08 |
| Added | https://github.com/jenkinsci/remoting | OPEN-SOURCE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/workflow-multibranch-plugin | OPEN-SOURCE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/github-plugin | OPEN-SOURCE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/github-branch-source-plugin | OPEN-SOURCE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/workflow-support-plugin | OPEN-SOURCE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/pipeline-stage-step-plugin | OPEN-SOURCE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/pipeline-input-step-plugin | OPEN-SOURCE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/pipeline-build-step-plugin | OPEN-SOURCE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/pipeline-groovy-lib-plugin | OPEN-SOURCE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/github-plugin | CODE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/pipeline-input-step-plugin | CODE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/pipeline-build-step-plugin | CODE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/pipeline-groovy-lib-plugin | CODE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/workflow-multibranch-plugin | CODE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/workflow-support-plugin | CODE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/github-branch-source-plugin | CODE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/pipeline-stage-step-plugin | CODE | In Scope | 11:08 |
| Added | https://github.com/jenkinsci/remoting | CODE | In Scope | 11:08 |
Feb 22, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | any components/plugins not explicitly included are not in scope (e.g. forks, libraries or packages) | OTHER | Out of Scope | 00:51 |
| Added | https://github.com/jenkinsci/ssh-agents-plugin | CODE | In Scope | 00:51 |
| Added | https://github.com/jenkinsci/jenkins | CODE | In Scope | 00:51 |
| Added | https://github.com/jenkinsci/credentials-plugin | CODE | In Scope | 00:51 |
| Added | https://github.com/jenkinsci/workflow-cps-plugin | CODE | In Scope | 00:51 |
| Added | https://github.com/jenkinsci/ldap-plugin | CODE | In Scope | 00:51 |
| Added | https://github.com/jenkinsci/ssh-credentials-plugin | CODE | In Scope | 00:51 |
| Added | https://github.com/jenkinsci/plain-credentials-plugin | CODE | In Scope | 00:51 |
| Added | jenkins instances hosted by users are not in scope | OTHER | Out of Scope | 00:51 |
| Added | https://github.com/jenkinsci/stapler | CODE | In Scope | 00:51 |
| Added | https://github.com/jenkinsci/winstone | CODE | In Scope | 00:51 |
| Added | https://github.com/jenkinsci/git-plugin | CODE | In Scope | 00:51 |
| Added | everything from https://www.jenkins.io/security/reporting/#non-issues, and in addition the following items | OTHER | Out of Scope | 00:51 |
| Added | jenkins installers are not in scope | OTHER | Out of Scope | 00:51 |
| Added | jenkins project infrastructure (the one hosted by the project) is not in scope | OTHER | Out of Scope | 00:51 |
| Added | https://github.com/jenkinsci/script-security-plugin | CODE | In Scope | 00:51 |
| Added | https://github.com/jenkinsci/matrix-auth-plugin | CODE | In Scope | 00:51 |
| Added | https://github.com/jenkinsci/git-client-plugin | CODE | In Scope | 00:51 |
| Added | https://github.com/jenkinsci/workflow-scm-step-plugin | CODE | In Scope | 00:51 |
| Added | https://github.com/jenkinsci/jelly | CODE | In Scope | 00:51 |
| Added | https://github.com/jenkinsci/credentials-binding-plugin | CODE | In Scope | 00:51 |
| Added | docker images are not in scope for this program | OTHER | Out of Scope | 00:51 |
Feb 21, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Removed | https://github.com/jenkinsci/jenkins | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/stapler | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/jelly | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/winstone | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/script-security-plugin | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/credentials-plugin | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/credentials-binding-plugin | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/workflow-cps-plugin | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/ldap-plugin | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/ssh-credentials-plugin | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/plain-credentials-plugin | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/matrix-auth-plugin | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/ssh-agents-plugin | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/git-plugin | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/git-client-plugin | OPEN-SOURCE | In Scope | 21:40 |
| Removed | https://github.com/jenkinsci/workflow-scm-step-plugin | OPEN-SOURCE | In Scope | 21:40 |
| Removed | everything from https://www.jenkins.io/security/reporting/#non-issues, and in addition the following items | OTHER | Out of Scope | 21:40 |
| Removed | docker images are not in scope for this program | OTHER | Out of Scope | 21:40 |
| Removed | any components/plugins not explicitly included are not in scope (e.g. forks, libraries or packages) | OTHER | Out of Scope | 21:40 |
| Removed | jenkins installers are not in scope | OTHER | Out of Scope | 21:40 |
| Removed | jenkins project infrastructure (the one hosted by the project) is not in scope | OTHER | Out of Scope | 21:40 |
| Removed | jenkins instances hosted by users are not in scope | OTHER | Out of Scope | 21:40 |
| Added | everything from https://www.jenkins.io/security/reporting/#non-issues, and in addition the following items | OTHER | Out of Scope | 00:33 |
| Added | docker images are not in scope for this program | OTHER | Out of Scope | 00:33 |
| Added | any components/plugins not explicitly included are not in scope (e.g. forks, libraries or packages) | OTHER | Out of Scope | 00:33 |
| Added | jenkins installers are not in scope | OTHER | Out of Scope | 00:33 |
| Added | jenkins project infrastructure (the one hosted by the project) is not in scope | OTHER | Out of Scope | 00:33 |
| Added | jenkins instances hosted by users are not in scope | OTHER | Out of Scope | 00:33 |