Two vulnerabilities in the Jenkins open-source automation server can be exploited to achieve code execution on targeted systems.