CVE-2024-39460

Sažetak

Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases.

Reference

http://www.openwall.com/lists/oss-security/2024/06/26/2
https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-3363
http://www.openwall.com/lists/oss-security/2024/06/26/2
https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-3363

CVSS

Base:	4.3
Impact:	1.4
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	NONE	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Zadnje važnije ažuriranje

10-10-2025 - 15:29

Objavljeno

26-06-2024 - 17:15