VDB
CVE-2024-43044
CVE-2024-43044
PUBLISHED
Jenkins LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library.
EPSS 65.90% · 98.5th percentile
Risk Scores
EPSS Score
65.90%
98.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | jenkins | 0, 2.463.0 |
| Bitnami | jenkins | 0, 2.463.0 |
Exploit Intelligence
- DACC4/CVE-2024-43044-jenkins-creds (github-poc)
- DACC4/CVE-2024-43044-jenkins-creds (github-poc)
- DACC4/CVE-2024-43044-jenkins-creds (github-poc)
- DACC4/CVE-2024-43044-jenkins-creds (github-poc)
- DACC4/CVE-2024-43044-jenkins-creds (github-poc)
- DACC4/CVE-2024-43044-jenkins-creds (github-poc)
- DACC4/CVE-2024-43044-jenkins-creds (github-poc)
- DACC4/CVE-2024-43044-jenkins-creds (github-poc)
- DACC4/CVE-2024-43044-jenkins-creds (github-poc)
- DACC4/CVE-2024-43044-jenkins-creds (github-poc)
…and 40 more exploits
Timeline
- Aug 7, 2024 CVE Published
- Aug 13, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Nov 18, 2024 CVE Updated
- Mar 14, 2025 Coalition ESS Score
- Mar 20, 2025 EPSS Score
- Mar 23, 2025 EPSS Score
- Apr 15, 2025 EPSS Score
- Apr 23, 2025 EPSS Score
- May 1, 2025 EPSS Score
- May 5, 2025 EPSS Score
- Jun 3, 2025 EPSS Score