Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2024-39458
HistoryJun 26, 2024 - 5:15 p.m.

CVE-2024-39458

2024-06-2617:15:27
[email protected]
web.nvd.nist.gov
16
jenkins
structs plugin
warning message
leak
secrets
system log

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log.

CNA Affected

[
  {
    "vendor": "Jenkins Project",
    "product": "Jenkins Structs Plugin",
    "versions": [
      {
        "version": "0",
        "versionType": "maven",
        "lessThanOrEqual": "337.v1b_04ea_4df7c8",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Related

nvd 1
cvelist 1
github 1
redhatcve 1
wolfi 1
osv 2
nessus 1
nvd
nvd
CVE-2024-39458
2024-06-26 17:15:27
cvelist
cvelist
CVE-2024-39458
2024-06-26 17:06:26
github
github
Exposure of secrets through system log in Jenkins Structs Plugin
2024-06-26 18:30:28
redhatcve
redhatcve
CVE-2024-39458
2024-06-27 04:23:42
wolfi
wolfi
CVE-2024-39458 vulnerabilities
2024-06-29 09:08:33
osv
osv
Exposure of secrets through system log in Jenkins Structs Plugin
2024-06-26 18:30:28
CGA-jvfh-392w-c357
2024-06-28 12:19:25
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2024-06-26)
2024-06-26 00:00:00

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for CVE-2024-39458
nvd1cvelist1github1redhatcve1wolfi1osv2nessus1