← back
CVE-2024-39460

CVE-2024-39460

CVSS 4.3 MEDIUMEPSS 0.5%CWE-532
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.3EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
26 Jun 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected products
Jenkins Project · Jenkins Bitbucket Branch Source Plugin

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-3363http://www.openwall.com/lists/oss-security/2024/06/26/2