CVE-2024-52550

Published: Nov 13, 2024

Modified: Nov 26, 2024

PUBLISHED

Description

Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attackers with Item/Build permission to rebuild a previous build whose (Jenkinsfile) script is no longer approved.

Vendor	Product	Versions
Jenkins Project	Jenkins Pipeline: Groovy Plugin	affected `0 - <= 3975.v567e2a_1ffa_22` affected `3990.vd281dd77a_388`

References

Jenkins Security Advisory 2024-11-13

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-52550

Description

Affected Products

References