CVE-2024-39458

Published: Jun 26, 2024

Modified: Feb 13, 2025

PUBLISHED

Description

When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log.

Vendor	Product	Versions
Jenkins Project	Jenkins Structs Plugin	affected `0 - <= 337.v1b_04ea_4df7c8`

References

Jenkins Security Advisory 2024-06-26

vendor-advisory

http://www.openwall.com/lists/oss-security/2024/06/26/2

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-39458

Description

Affected Products

References