Lucene search
JenkinsVULNRICHMENT:CVE-2024-39458HistoryJun 26, 2024 - 5:06 p.m.
CVE-2024-39458
2024-06-2617:06:26
jenkins
github.com
2
jenkins
structs plugin
secrets exposure
system log
cve-2024-39458
When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log.
CNA Affected
[
{
"vendor": "Jenkins Project",
"product": "Jenkins Structs Plugin",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "maven",
"lessThanOrEqual": "337.v1b_04ea_4df7c8"
}
],
"defaultStatus": "unaffected"
}
]Related
osv
osv
Exposure of secrets through system log in Jenkins Structs Plugin
2024-06-26 18:30:28
CGA-jvfh-392w-c357
2024-06-28 12:19:25
cve
cve
CVE-2024-39458
2024-06-26 17:15:27
nvd
nvd
CVE-2024-39458
2024-06-26 17:15:27
cvelist
cvelist
CVE-2024-39458
2024-06-26 17:06:26
github
github
Exposure of secrets through system log in Jenkins Structs Plugin
2024-06-26 18:30:28
redhatcve
redhatcve
CVE-2024-39458
2024-06-27 04:23:42
wolfi
wolfi
CVE-2024-39458 vulnerabilities
2024-09-29 21:19:24
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2024-06-26)
2024-06-26 00:00:00
AI Score
6.7
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-39458