CVE-2024-39460 - Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth acce

CVE-2024-39460

Summary

Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases.

References

https://www.jenkins.io/security/advisory/2024-06-26/#SECURITY-3363
http://www.openwall.com/lists/oss-security/2024/06/26/2

Vulnerable Configurations

CVSS

Base:	None
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

27-06-2024 - 12:47

Published

26-06-2024 - 17:15

Last modified

27-06-2024 - 12:47