Jenkins Audit Trail

Do you want an email whenever new security vulnerabilities are reported in Jenkins Audit Trail?

By the Year

In 2023 there have been 0 vulnerabilities in Jenkins Audit Trail . Audit Trail did not have any published security vulnerabilities last year.

Year	Vulnerabilities	Average Score
2023	0	0.00
2022	0	0.00
2021	0	0.00
2020	3	5.57
2019	0	0.00
2018	0	0.00

It may take a day or so for new Audit Trail vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Jenkins Audit Trail Security Vulnerabilities

Jenkins Audit Trail Plugin 3.6 and earlier applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows attackers to craft URLs

CVE-2020-2287 5.3 - Medium - October 08, 2020

Jenkins Audit Trail Plugin 3.6 and earlier applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows attackers to craft URLs that bypass request logging of any target URL.

Interaction Error

In Jenkins Audit Trail Plugin 3.6 and earlier, the default regular expression pattern could be bypassed in many cases by adding a suffix to the URL

CVE-2020-2288 5.3 - Medium - October 08, 2020

In Jenkins Audit Trail Plugin 3.6 and earlier, the default regular expression pattern could be bypassed in many cases by adding a suffix to the URL that would be ignored during request handling.

Incorrect Regular Expression

Jenkins Audit Trail Plugin 3.2 and earlier does not escape the error message for the URL Patterns field form validation

CVE-2020-2140 6.1 - Medium - March 09, 2020

Jenkins Audit Trail Plugin 3.2 and earlier does not escape the error message for the URL Patterns field form validation, resulting in a reflected cross-site scripting vulnerability.

XSS

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Jenkins Audit Trail or by Jenkins? Click the Watch button to subscribe.

Jenkins
Vendor

Jenkins Audit Trail
Product

By the Year

Recent Jenkins Audit Trail Security Vulnerabilities

Jenkins Audit Trail Plugin 3.6 and earlier applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows attackers to craft URLs CVE-2020-2287 5.3 - Medium - October 08, 2020

In Jenkins Audit Trail Plugin 3.6 and earlier, the default regular expression pattern could be bypassed in many cases by adding a suffix to the URL CVE-2020-2288 5.3 - Medium - October 08, 2020

Jenkins Audit Trail Plugin 3.2 and earlier does not escape the error message for the URL Patterns field form validation CVE-2020-2140 6.1 - Medium - March 09, 2020