CVE-2024-39458 Information

Description

When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step it logs a warning message containing diagnostic information that may contain secrets passed as step parameters potentially resulting in accidental exposure of secrets through the default system log.

Reference

https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-3371 http://www.openwall.com/lists/oss-security/2024/06/26/2