Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

SDLC

Jenkins

Jenkins is a free and open source automation server. It helps automate the parts of software development related to building testing and deploying facilitating continuous integration and continuous delivery. It is a server-based system that runs in servlet containers such as Apache Tomcat.

Official Site:

https://www.jenkins.io/

Severity Summary:

Critical: 19 High: 54 Medium: 155 Low: 10
Reference
Title
Severity
CVE-2019-1003050
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-10352
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2015-7536
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-5326
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-5324
Jenkins Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2015-5322
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2015-5318
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2014-3661
Jenkins Resource Management Errors Vulnerability
Medium
CVE-2015-1813
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-1812
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-10354
Jenkins Missing Authorization Vulnerability
Medium
CVE-2012-6073
Jenkins Improper Input Validation Vulnerability
Medium
CVE-2012-6072
Jenkins Improper Input Validation Vulnerability
Medium
CVE-2012-0325
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2012-0324
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-10383
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-21670
Jenkins Incorrect Authorization Vulnerability
Medium
CVE-2014-3667
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2014-3662
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2014-3680
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2023-27903
Jenkins Incorrect Authorization Vulnerability
Medium
CVE-2021-21610
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-21611
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-47803
Jenkins Generation of Error Message Containing Sensitive Information Vulnerability
Medium
CVE-2024-47804
Jenkins Vulnerability
Medium
CVE-2020-2251
Jenkins Passwords transmitted in plain text
Medium
CVE-2020-2163
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-5317
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2020-2220
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-3721
Jenkins DEPRECATED: Code Vulnerability
Medium