We are working in an air-gapped environment, in order to use plugins in our internal environment we must scan them with anti viruses.

both BitDefender and AvAware found the following virus in the latest durable task plugin (1.39):

Java.Trojan.GenericGBA.30673

it is fond in the WEB-INF/lib/durable-task.jar file.

specifically, in org/jenkinsci/plugins/durabletask/PowershellScript.class

please fix it ASAP, as this is causing us major security problems in our network.

linked to https://issues.jenkins.io/browse/SECURITY-2534