← voltar
CVE-2020-2287

CVE-2020-2287

EPSS 1.2%
Jenkins Audit Trail Plugin 3.6 and earlier applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows attackers to craft URLs that bypass request logging of any target URL.
Produtos afetados
Jenkins project · Jenkins Audit Trail Plugin

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.jenkins.io/security/advisory/2020-10-08/#SECURITY-1815http://www.openwall.com/lists/oss-security/2020/10/08/5