SDLC

Jenkins

Jenkins is a free and open source automation server. It helps automate the parts of software development related to building testing and deploying facilitating continuous integration and continuous delivery. It is a server-based system that runs in servlet containers such as Apache Tomcat.

Official Site:

https://www.jenkins.io/

Severity Summary:

Critical: 19 High: 58 Medium: 168 Low: 11

Reference

Title

Severity

Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability

Medium

Jenkins Permissions Privileges and Access Controls Vulnerability

Medium

CVE-2018-1000067

Jenkins Server-Side Request Forgery (SSRF) Vulnerability

Medium

CVE-2017-1000355

Jenkins Deserialization of Untrusted Data Vulnerability

Medium

CVE-2018-1000068

Jenkins Improper Input Validation Vulnerability

Medium

Jenkins Improper Input Validation Vulnerability

Low

Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability

Low

CVE-2017-1000401

Jenkins Improper Input Validation Vulnerability

Low

Jenkins Vulnerability

Low

Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Low

Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Low

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Low

Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Low

Jenkins Cross-Site Request Forgery (CSRF) Vulnerability

Low

Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Low

Jenkins Permissions Privileges and Access Controls Vulnerability

Low