Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

SDLC

Jenkins

Jenkins is a free and open source automation server. It helps automate the parts of software development related to building testing and deploying facilitating continuous integration and continuous delivery. It is a server-based system that runs in servlet containers such as Apache Tomcat.

Official Site:

https://www.jenkins.io/

Severity Summary:

Critical: 19 High: 54 Medium: 154 Low: 10
Reference
Title
Severity
CVE-2018-1999044
Jenkins Loop with Unreachable Exit Condition (Infinite Loop) Vulnerability
Medium
CVE-2018-1999042
Jenkins Deserialization of Untrusted Data Vulnerability
Medium
CVE-2018-1999007
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-1999006
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2018-1999005
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-10403
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-10406
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-1999003
Jenkins Incorrect Authorization Vulnerability
Medium
CVE-2021-21608
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-2229
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-2223
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-2222
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-2221
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-2220
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-2163
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-2251
Jenkins Passwords transmitted in plain text
Medium
CVE-2021-21611
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-21610
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-21609
Jenkins Incorrect Authorization Vulnerability
Medium
CVE-2021-21607
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability
Medium
CVE-2020-2100
Jenkins Other Vulnerability
Medium
CVE-2021-21606
Jenkins Improper Input Validation Vulnerability
Medium
CVE-2021-21603
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-21602
Jenkins Improper Link Resolution Before File Access (Link Following) Vulnerability
Medium
CVE-2020-2162
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-2161
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-2105
Jenkins Improper Restriction of Rendered UI Layers or Frames Vulnerability
Medium
CVE-2020-2104
Jenkins Incorrect Authorization Vulnerability
Medium
CVE-2020-2103
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2020-2102
Jenkins Observable Differences in Behavior to Error Inputs Vulnerability
Medium