CVE-2024-39460

medium

Description

Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases.

References

https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-3363

http://www.openwall.com/lists/oss-security/2024/06/26/2

Details

Source: Mitre, NVD

Published: 2024-06-26

Updated: 2024-06-27

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N