When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log.
Metrics
Affected Vendors & Products
References
History
Tue, 05 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-209 | |
Metrics |
cvssV3_1
|
ssvc
|
MITRE
Status: PUBLISHED
Assigner: jenkins
Published: 2024-06-26T17:06:26.399Z
Updated: 2024-11-05T20:12:24.387Z
Reserved: 2024-06-25T08:12:57.626Z
Link: CVE-2024-39458
Vulnrichment
Updated: 2024-08-02T04:26:14.270Z
NVD
Status : Awaiting Analysis
Published: 2024-06-26T17:15:27.020
Modified: 2024-11-21T09:27:42.223
Link: CVE-2024-39458
Redhat