CVE-2024-47805

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-47805

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-47805.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-47805

Aliases

GHSA-62jv-j4w7-5hh8

Published

2024-10-02T16:15:10Z

Modified

2024-11-14T00:48:20.209970Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Jenkins Credentials Plugin 1380.va435002fa924 and earlier, except 1371.1373.v4ebfab_7161e9, does not redact encrypted values of credentials using the SecretBytes type when accessing item config.xml via REST API or CLI.

References

https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3373

Affected packages

Git / github.com/jenkinsci/credentials-plugin

Affected ranges

Type: GIT
Repo: https://github.com/jenkinsci/credentials-plugin
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4ebfab7161e93c51353dcf6224e8450b56009710

Affected versions

1055.*

1055.v1346ba467ba1

1061.*

1061.vb_1fceb_58fa_18

1074.*

1074.v60e6c29b_b_44b_

1087.*

1087.v16065d268466

1105.*

1105.vb_4e24a_c78b_81

1111.*

1111.v35a_307992395

1112.*

1112.vc87b_7a_3597f6

1118.*

1118.v320cd028cb_a_0

1126.*

1126.ve05618c41e62

1129.*

1129.vef26f5df883c

1139.*

1139.veb_9579fca_33b_

1143.*

1143.vb_e8b_b_ceee347

1189.*

1189.vf61b_a_5e2f62e

1214.*

1214.v1de940103927

1224.*

1224.vc23ca_a_9a_2cb_0

1236.*

1236.v31e44e6060c0

1254.*

1254.vb_96f366e7b_a_d

1268.*

1268.v3f0d043d60e9

1271.*

1271.v54b_1c2c6388a_

1290.*

1290.v2e5b_13eb_b_127

1293.*

1293.vff276f713473

1304.*

1304.v5ec13eecef46

1305.*

1305.v04f5ec1f3743

1307.*

1307.v3757c78f17c3

1309.*

1309.v8835d63eb_d8a_

1311.*

1311.vcf0a_900b_37c2

1317.*

1317.v0ce519a_92b_3e

1319.*

1319.v7eb_51b_3a_c97b_

1337.*

1337.v60b_d7b_c7b_c9f

1344.*

1344.v5a_3f65a_1e173

1350.*

1350.v1b_df4d227d1b_

1355.*

1355.v46f52a_b_98d64

1361.*

1361.v56f5ca_35d21c

1371.*

1371.vfee6b_095f0a_3

credentials-1.*

credentials-1.0

credentials-1.1

credentials-1.10

credentials-1.11

credentials-1.12

credentials-1.13

credentials-1.14

credentials-1.15

credentials-1.16

credentials-1.16.1

credentials-1.17

credentials-1.18

credentials-1.19

credentials-1.2

credentials-1.20

credentials-1.21

credentials-1.22

credentials-1.23

credentials-1.24

credentials-1.25

credentials-1.26

credentials-1.27

credentials-1.28

credentials-1.3

credentials-1.3.1

credentials-1.4

credentials-1.5

credentials-1.6

credentials-1.7

credentials-1.7.1

credentials-1.7.2

credentials-1.7.3

credentials-1.7.4

credentials-1.7.5

credentials-1.7.6

credentials-1.8

credentials-1.8.1

credentials-1.8.2

credentials-1.8.3

credentials-1.8.4

credentials-1.9

credentials-1.9.1

credentials-1.9.2

credentials-1.9.3

credentials-1.9.4

credentials-2.*

credentials-2.0

credentials-2.0.1

credentials-2.0.2

credentials-2.0.3

credentials-2.0.4

credentials-2.0.5

credentials-2.0.6

credentials-2.0.7

credentials-2.1.0

credentials-2.1.1

credentials-2.1.10

credentials-2.1.11

credentials-2.1.12

credentials-2.1.13

credentials-2.1.14

credentials-2.1.15

credentials-2.1.16

credentials-2.1.17

credentials-2.1.18

credentials-2.1.19

credentials-2.1.2

credentials-2.1.3

credentials-2.1.4

credentials-2.1.5

credentials-2.1.6

credentials-2.1.7

credentials-2.1.8

credentials-2.1.9

credentials-2.2.0

credentials-2.2.1

credentials-2.3.0

credentials-2.3.1

credentials-2.3.10

credentials-2.3.11

credentials-2.3.12

credentials-2.3.13

credentials-2.3.14

credentials-2.3.15

credentials-2.3.16

credentials-2.3.17

credentials-2.3.18

credentials-2.3.19

credentials-2.3.2

credentials-2.3.3

credentials-2.3.4

credentials-2.3.5

credentials-2.3.6

credentials-2.3.7

credentials-2.3.8

credentials-2.3.9

credentials-2.4

credentials-2.4.1

credentials-2.5

credentials-2.6

credentials-2.6.1

credentials-2.6.2