Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJenkinsCVELIST:CVE-2024-39458
HistoryJun 26, 2024 - 5:06 p.m.

CVE-2024-39458

2024-06-2617:06:26
jenkins
www.cve.org
5
jenkins
structs plugin
warning message
secrets exposure
system log

0.0004 Low

EPSS

Percentile

9.1%

JSON

When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log.

CNA Affected

[
  {
    "vendor": "Jenkins Project",
    "product": "Jenkins Structs Plugin",
    "versions": [
      {
        "version": "0",
        "versionType": "maven",
        "lessThanOrEqual": "337.v1b_04ea_4df7c8",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Related

nvd 1
wolfi 1
github 1
redhatcve 1
osv 2
cve 1
nessus 1
nvd
nvd
CVE-2024-39458
2024-06-26 17:15:27
wolfi
wolfi
CVE-2024-39458 vulnerabilities
2024-06-29 09:08:33
github
github
Exposure of secrets through system log in Jenkins Structs Plugin
2024-06-26 18:30:28
redhatcve
redhatcve
CVE-2024-39458
2024-06-27 04:23:42
osv
osv
CGA-jvfh-392w-c357
2024-06-28 12:19:25
Exposure of secrets through system log in Jenkins Structs Plugin
2024-06-26 18:30:28
cve
cve
CVE-2024-39458
2024-06-26 17:15:27
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2024-06-26)
2024-06-26 00:00:00

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for CVELIST:CVE-2024-39458
nvd1wolfi1github1redhatcve1osv2cve1nessus1