How severe is CVE-2024-47803?

CVE-2024-47803 has a CVSS v3 score of 4.3 (MEDIUM).

CVE-2024-47803

Name: jenkins
Author: jenkins

4.3MEDIUM

Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field.

Опубликовано: 10/2/2024Обновлено: 3/19/2025

Описание

Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field.

ИИ-АнализНа базе ИИ

Затронутые продукты

jenkinsjenkins

Ссылки

https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3451
Vendor Advisory