VDB
WID-SEC-W-2024-3456
WID-SEC-W-2024-3456
PUBLISHED
Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterstützung bei Softwareentwicklungen aller Art.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jenkins Jenkins Pipeline Groovy Plugin 3993.v3e20a_37282f8 | ||
| Jenkins Jenkins Pipeline Groovy Plugin <3993.v3e20a_37282f8 | ||
| Jenkins Jenkins Pipeline Declarative Plugin <2.2218.v56d0cda_37c72 | ||
| Jenkins Jenkins Authorize Project Plugin <1.8.0 | ||
| Jenkins Jenkins Script Security Plugin 1368.vb_b_402e3547e7 | ||
| Jenkins Jenkins Shared Library Version Override Plugin 19.v3a_c975738d4a_ | ||
| Jenkins Jenkins IvyTrigger Plugin <1.02 | ||
| Jenkins Jenkins Shared Library Version Override Plugin <19.v3a_c975738d4a_ | ||
| Jenkins Jenkins Authorize Project Plugin 1.8.0 | ||
| Jenkins Jenkins Script Security Plugin <1368.vb_b_402e3547e7 | ||
| Red Hat Enterprise Linux | ||
| Jenkins Jenkins IvyTrigger Plugin 1.02 | ||
| Jenkins Jenkins OpenId Connect Authentication Plugin <.421.v5422614eb_e0a_ | ||
| Jenkins Jenkins OpenId Connect Authentication Plugin .421.v5422614eb_e0a_ | ||
| Jenkins Jenkins Pipeline Declarative Plugin 2.2218.v56d0cda_37c72 |
Exploit Intelligence
- CVE-2024-52550 (github-poc-repo)
- CVE-2024-52550 (github-poc)
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3456.json (circl)
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3456 (circl)
- https://www.jenkins.io/security/advisory/2024-11-13/ (circl)
- https://access.redhat.com/errata/RHSA-2025:2222 (circl)
- https://access.redhat.com/errata/RHSA-2025:2218 (circl)
- https://access.redhat.com/errata/RHSA-2025:2219 (circl)
- https://access.redhat.com/errata/RHSA-2025:2220 (circl)
- https://access.redhat.com/errata/RHSA-2025:2221 (circl)
…and 1 more exploits
Timeline
- Nov 13, 2024 CVE Published
- Mar 4, 2025 CVE Updated
- Apr 1, 2026 Distribution Patch
- Apr 1, 2026 Distribution Patch
- Apr 1, 2026 Distribution Patch
- Apr 1, 2026 Distribution Patch
- Apr 1, 2026 Distribution Patch
- Apr 1, 2026 Distribution Patch
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3456.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3456 advisory
- https://www.jenkins.io/security/advisory/2024-11-13/ url
- https://access.redhat.com/errata/RHSA-2025:2222 url
- https://access.redhat.com/errata/RHSA-2025:2218 url
- https://access.redhat.com/errata/RHSA-2025:2219 url
- https://access.redhat.com/errata/RHSA-2025:2220 url
- https://access.redhat.com/errata/RHSA-2025:2221 url
- https://access.redhat.com/errata/RHSA-2025:2223 url