Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

SDLC

Jenkins

Jenkins is a free and open source automation server. It helps automate the parts of software development related to building testing and deploying facilitating continuous integration and continuous delivery. It is a server-based system that runs in servlet containers such as Apache Tomcat.

Official Site:

https://www.jenkins.io/

Severity Summary:

Critical: 19 High: 54 Medium: 155 Low: 10
Reference
Title
Severity
CVE-2021-21639
Jenkins Improper Input Validation Vulnerability
Medium
CVE-2013-0327
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2020-2231
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-1000399
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2018-6356
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2018-1000068
Jenkins Improper Input Validation Vulnerability
Medium
CVE-2018-1000067
Jenkins Server-Side Request Forgery (SSRF) Vulnerability
Medium
CVE-2018-1999042
Jenkins Deserialization of Untrusted Data Vulnerability
Medium
CVE-2017-1000355
Jenkins Deserialization of Untrusted Data Vulnerability
Medium
CVE-2018-1999044
Jenkins Loop with Unreachable Exit Condition (Infinite Loop) Vulnerability
Medium
CVE-2017-1000400
Jenkins Missing Authorization Vulnerability
Medium
CVE-2017-1000398
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2018-1000169
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2017-1000396
Jenkins Improper Certificate Validation Vulnerability
Medium
CVE-2017-1000395
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2018-1999045
Jenkins Improper Authentication Vulnerability
Medium
CVE-2018-1999046
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2017-1000392
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-1999047
Jenkins Incorrect Authorization Vulnerability
Medium
CVE-2018-1000862
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2017-17383
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-2599
Jenkins Incorrect Authorization Vulnerability
Medium
CVE-2018-1000170
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-1999004
Jenkins Incorrect Authorization Vulnerability
Medium
CVE-2017-2607
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-1999005
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-1000195
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2018-1999006
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2018-1000193
Jenkins Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Medium
CVE-2018-1000192
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium