Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

SDLC

Jenkins

Jenkins is a free and open source automation server. It helps automate the parts of software development related to building testing and deploying facilitating continuous integration and continuous delivery. It is a server-based system that runs in servlet containers such as Apache Tomcat.

Official Site:

https://www.jenkins.io/

Severity Summary:

Critical: 19 High: 54 Medium: 155 Low: 10
Reference
Title
Severity
CVE-2021-21687
Jenkins Missing Authorization Vulnerability
Critical
CVE-2016-9299
Jenkins Improper Neutralization of Special Elements used in an LDAP Query (LDAP Injection) Vulnerability
Critical
CVE-2017-1000362
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Critical
CVE-2016-0791
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Critical
CVE-2021-21697
Jenkins Other Vulnerability
Critical
CVE-2016-0788
Jenkins Permissions Privileges and Access Controls Vulnerability
Critical
CVE-2021-21690
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Critical
CVE-2021-21691
Jenkins Improper Link Resolution Before File Access (Link Following) Vulnerability
Critical
CVE-2021-21692
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Critical
CVE-2021-21696
Jenkins Other Vulnerability
Critical
CVE-2021-21685
Jenkins Missing Authorization Vulnerability
Critical
CVE-2015-8103
Jenkins Deserialization of Untrusted Data Vulnerability
Critical
CVE-2024-23897
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Critical
CVE-2017-1000353
Jenkins Deserialization of Untrusted Data Vulnerability
Critical
CVE-2018-1000861
Jenkins Deserialization of Untrusted Data Vulnerability
Critical
CVE-2021-21693
Jenkins Improper Authorization Vulnerability
Critical
CVE-2021-21694
Jenkins Missing Authorization Vulnerability
Critical
CVE-2023-27898
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Critical
CVE-2021-21689
Jenkins Other Vulnerability
Critical
CVE-2012-4438
Jenkins Improper Input Validation Vulnerability
High
CVE-2015-5325
Jenkins Improper Access Control Vulnerability
High
CVE-2014-2063
Jenkins Vulnerability
High
CVE-2013-0329
Jenkins Vulnerability
High
CVE-2016-0792
Jenkins Improper Input Validation Vulnerability
High
CVE-2017-1000391
Jenkins Improper Input Validation Vulnerability
High
CVE-2016-3726
Jenkins Other Vulnerability
High
CVE-2017-1000503
Jenkins Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability
High
CVE-2017-1000504
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2015-7538
Jenkins Vulnerability
High
CVE-2017-1000393
Jenkins Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High