CVE-2024-52550: Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a…

high8CVSS 3.1

AVNACLPRLUIRSUCHIHAH

Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attackers with Item/Build permission to rebuild a previous build whose (Jenkinsfile) script is no longer approved.

Affected

11 ranges

Vendor	Product	Version range	Fixed in
jenkins	authorize_project_plugin	—	—
jenkins	declarative_plugin	—	—
jenkins	groovy_plugin	—	—
jenkins	ivytrigger_plugin	—	—
jenkins	openid_connect_authentication_plugin	—	—
jenkins	pipeline	< 3975.3977.v478dd9e956c3	3975.3977.v478dd9e956c3
jenkins	pipeline	—	—
jenkins	script_security_plugin	—	—
jenkins	shared_library_version_override_plugin	—	—
jenkins_project	jenkins_pipeline_groovy_plugin	<= 3975.v567e2a_1ffa_22	—
jenkins_project	jenkins_pipeline_groovy_plugin	—	—