Jenkins Project Jenkins Audit Trail Plugin vulnerabilities
3 known vulnerabilities affecting jenkins_project/jenkins_audit_trail_plugin.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2020-2288MEDIUMCVSS 5.3≥ unspecified, ≤ 3.62020-10-08
CVE-2020-2288 [MEDIUM] CVE-2020-2288: In Jenkins Audit Trail Plugin 3.6 and earlier, the default regular expression pattern could be bypas
In Jenkins Audit Trail Plugin 3.6 and earlier, the default regular expression pattern could be bypassed in many cases by adding a suffix to the URL that would be ignored during request handling.
cvelistv5nvd
CVE-2020-2287MEDIUMCVSS 5.3≥ unspecified, ≤ 3.62020-10-08
CVE-2020-2287 [MEDIUM] CVE-2020-2287: Jenkins Audit Trail Plugin 3
Jenkins Audit Trail Plugin 3.6 and earlier applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows attackers to craft URLs that bypass request logging of any target URL.
cvelistv5
CVE-2020-2140MEDIUMCVSS 6.1PoC≥ unspecified, ≤ 3.22020-03-09
CVE-2020-2140 [MEDIUM] CWE-79 CVE-2020-2140: Jenkins Audit Trail Plugin 3.2 and earlier does not escape the error message for the URL Patterns fi
Jenkins Audit Trail Plugin 3.2 and earlier does not escape the error message for the URL Patterns field form validation, resulting in a reflected cross-site scripting vulnerability.
cvelistv5nvd