Audit To Database

audit_to_database

Vendor: Jenkins • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-1003077 1Jenkins 1Audit To Database Jun 17, 2026 Apr 4, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A missing permission check in Jenkins Audit to Database Plugin in the DbAuditPublisherDescriptorImpl#doTestJdbcConnection form validation method allows attackers with Overall/Read permission to initiate a connection to a...Show more A missing permission check in Jenkins Audit to Database Plugin in the DbAuditPublisherDescriptorImpl#doTestJdbcConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.Show less
CVE-2019-1003076 1Jenkins 1Audit To Database Jun 17, 2026 Apr 4, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 A cross-site request forgery vulnerability in Jenkins Audit to Database Plugin in the DbAuditPublisherDescriptorImpl#doTestJdbcConnection form validation method allows attackers to initiate a connection to an attacker-sp...Show more A cross-site request forgery vulnerability in Jenkins Audit to Database Plugin in the DbAuditPublisherDescriptorImpl#doTestJdbcConnection form validation method allows attackers to initiate a connection to an attacker-specified server.Show less
CVE-2019-1003075 1Jenkins 1Audit To Database Jun 17, 2026 Apr 4, 2019 N/A· v4 8.8 HIGH· v3 4.0 MEDIUM· v2 Jenkins Audit to Database Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.