CVE-2024-39458

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-39458
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-39458.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-39458
Aliases
Related
Published
2024-06-26T17:15:27.020Z
Modified
2026-04-10T05:15:47.442871Z
Severity
  • 3.1 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

When Jenkins Structs Plugin 337.v1b04ea4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log.

References

Affected packages

Git / github.com/jenkinsci/structs-plugin

Affected ranges

Type
GIT
Repo
https://github.com/jenkinsci/structs-plugin
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1b04ea4df7c87eb9707a32cfef8a91c6ec9c3d2b
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "337.v1b_04ea_4df7c8"
        }
    ]
}

Affected versions

308.*
308.v852b473a2b8c
317.*
317.vf68c51f71b_e2
318.*
318.va_f3ccb_729b_71
324.*
324.va_f5d6774f3a_d
325.*
325.vcb_307d2a_2782
337.*
337.v1b_04ea_4df7c8
structs-parent-1.*
structs-parent-1.0
structs-parent-1.1
structs-parent-1.10
structs-parent-1.11
structs-parent-1.13
structs-parent-1.14
structs-parent-1.15
structs-parent-1.16
structs-parent-1.17
structs-parent-1.18
structs-parent-1.19
structs-parent-1.2
structs-parent-1.20
structs-parent-1.21
structs-parent-1.22
structs-parent-1.23
structs-parent-1.24
structs-parent-1.3
structs-parent-1.4
structs-parent-1.5
structs-parent-1.6
structs-parent-1.7
structs-parent-1.8
structs-parent-1.9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-39458.json"