CRX Content Package Deployer

The Jenkins project announced an unresolved security vulnerability affecting the current version of this plugin (why?):
List of issues
KeySummaryCreatedUpdated
JENKINS-68360java.lang.InterruptedException: sleep interrupted
JENKINS-54254Can't use credentials provided by "Folder Credentials" provider
JENKINS-49674CRX - Content package deployer plugin filter issue
JENKINS-43890HTTP Client to upload CRX packages does not adhere to no-proxy patterns
JENKINS-35531Upgrade to Credentials 2.1.0+ API for populating credentials drop-down
JENKINS-29719java.util.concurrent.TimeoutException when running long deployment and RequestTimeout set properly
JENKINS-25032Credentials metadata leak in GraniteCredentialsListBoxModel