Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

SDLC

Jenkins

Jenkins is a free and open source automation server. It helps automate the parts of software development related to building testing and deploying facilitating continuous integration and continuous delivery. It is a server-based system that runs in servlet containers such as Apache Tomcat.

Official Site:

https://www.jenkins.io/

Severity Summary:

Critical: 19 High: 54 Medium: 155 Low: 10
Reference
Title
Severity
CVE-2015-5321
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2013-7330
Jenkins Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2015-5323
Jenkins Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2018-1000407
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-3725
Jenkins Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2016-3724
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2016-3723
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2016-3722
Jenkins Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2018-1000408
Jenkins Vulnerability
Medium
CVE-2018-1000409
Jenkins Session Fixation Vulnerability
Medium
CVE-2016-0790
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2016-0789
Jenkins Improper Input Validation Vulnerability
Medium
CVE-2020-2230
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2012-4441
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2012-4440
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-21615
Jenkins Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability
Medium
CVE-2012-4439
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2014-2058
Jenkins Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2014-2067
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Low
CVE-2011-4344
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Low
CVE-2013-2033
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Low
CVE-2017-2603
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Low
CVE-2014-2068
Jenkins Permissions Privileges and Access Controls Vulnerability
Low
CVE-2015-1807
Jenkins Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Low
CVE-2012-6074
Jenkins Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Low
CVE-2015-1808
Jenkins Improper Input Validation Vulnerability
Low
CVE-2017-1000401
Jenkins Improper Input Validation Vulnerability
Low
CVE-2013-0158
Jenkins Vulnerability
Low