CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-39458

When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 36.4%

CVSS Severity

CVSS v3 Score 3.1

References

http://www.openwall.com/lists/oss-security/2024/06/26/2
https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-3371
http://www.openwall.com/lists/oss-security/2024/06/26/2
https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-3371

Products affected by CVE-2024-39458

Jenkins » Structs » Version: 337.v1b_04ea_4df7c8

cpe:2.3:a:jenkins:structs:337.v1b_04ea_4df7c8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-39458

Products

Pricing

Contact Us