Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-39458

June 26, 2024, 6:15 p.m.

Tags

jenkinsci-cert@googlegroups.com
2024-06-26
CVE-2024-39458

Product(s) Impacted

Jenkins Structs Plugin

  • 337.v1b_04ea_4df7c8 and earlier

Description

When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log.

Weaknesses

Date

Published: June 26, 2024, 5:15 p.m.

Last Modified: June 26, 2024, 6:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

jenkinsci-cert@googlegroups.com

References

http://www.openwall.com/ jenkinsci-cert@googlegroups.com
https://www.jenkins.io/ jenkinsci-cert@googlegroups.com