Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

SDLC

Jenkins

Jenkins is a free and open source automation server. It helps automate the parts of software development related to building testing and deploying facilitating continuous integration and continuous delivery. It is a server-based system that runs in servlet containers such as Apache Tomcat.

Official Site:

https://www.jenkins.io/

Severity Summary:

Critical: 19 High: 54 Medium: 155 Low: 10
Reference
Title
Severity
CVE-2017-2598
Jenkins Inadequate Encryption Strength Vulnerability
Medium
CVE-2017-2609
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2017-2613
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2017-2611
Jenkins Incorrect Authorization Vulnerability
Medium
CVE-2017-2610
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-2604
Jenkins Improper Authentication Vulnerability
Medium
CVE-2017-2602
Jenkins Vulnerability
Medium
CVE-2017-2612
Jenkins Incorrect Permission Assignment for Critical Resource Vulnerability
Medium
CVE-2018-1999007
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-2600
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2017-2601
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-2606
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2018-1000864
Jenkins Loop with Unreachable Exit Condition (Infinite Loop) Vulnerability
Medium
CVE-2018-1000406
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2016-3727
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2015-5320
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2014-2060
Jenkins Vulnerability
Medium
CVE-2014-2061
Jenkins Cryptographic Issues Vulnerability
Medium
CVE-2014-2062
Jenkins Improper Authentication Vulnerability
Medium
CVE-2018-1000997
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2014-2064
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2014-2065
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2014-2066
Jenkins Improper Authentication Vulnerability
Medium
CVE-2014-2059
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2015-1806
Jenkins Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2013-5573
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2013-0331
Jenkins Improper Input Validation Vulnerability
Medium
CVE-2013-0330
Jenkins Vulnerability
Medium
CVE-2015-1810
Jenkins Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2014-3665
Jenkins Permissions Privileges and Access Controls Vulnerability
Medium