The Jenkins project announced an unresolved security vulnerability affecting the current version of this plugin (why?):

Uploads any supported ThreadFix scan file to your ThreadFix server


  • This plugin is NOT maintained by Denim Group
  • Plugin version 1.0 supports ThreadFix versions 1.0 and 2.0.


  • Upload any supported scan file(s) from your Jenkins Slave/Master to your ThreadFix web server using your ThreadFix API Keys.
  • Ability to specify any scan filename under the Project's workspace using Jenkin's environmental variables.
  • ThreadFix REST API is used for all communication from the Jenkins Server.

Jenkins Global Config

Jenkins Project Config

Installation & Setup

A ThreadFix server deployment with an API Key created from your ThreadFix installation.


otto [at] automationdomination [dot] me


1.5.3 (Aug 02, 2016)

  • Added ability to configure multiple scan files for uploading