Jenkins is an open source automation server written in Java. It automates the non-human part of software development. In this recipe, we will look at exploitation of CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), and CVE-2019-1003002 (Pipeline: Declarative), which came out in January, 2019.