CVE-2024-52550
- Source
- https://cve.org/CVERecord?id=CVE-2024-52550
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-52550.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-52550
- Aliases
- Downstream
- Published
- 2024-11-13T21:15:29.293Z
- Modified
- 2026-01-29T06:19:59.296748Z
- Severity
-
- 8.0 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attackers with Item/Build permission to rebuild a previous build whose (Jenkinsfile) script is no longer approved.
- References
Affected packages
Git / github.com/jenkinsci/workflow-cps-plugin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jenkinsci/workflow-cps-plugin
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
2633.*
2633.v6baeedc13805
2640.*
2640.v00e79c8113de
2644.*
2644.v29a793dac95a
2646.*
2646.v6ed3b5b01ff1
2648.*
2648.va9433432b33c
2656.*
2656.vf7a_e7b_75a_457
2659.*
2659.v52d3de6044d0
2660.*
2660.vb_c0412dc4e6d
2680.*
2680.vf642ed4fa_d55
2682.*
2682.va_473dcddc941
2683.*
2683.vd0a_8f6a_1c263
2686.*
2686.v7c37e0578401
2687.*
2687.v3f09155513c1
2688.*
2688.v39a_b_e5c49a_65
2689.*
2689.v434009a_31b_f1
2692.*
2692.v76b_089ccd026
2705.*
2705.v0449852ee36f
2706.*
2706.v71dd22b_c5a_a_2
2710.*
2710.vcd48b_b_9e0e7d
2725.*
2725.v7b_c717eb_12ce
2729.*
2729.vea_17b_79ed57a_
2746.*
2746.v0da_83a_332669
2759.*
2759.v87459c4eea_ca_
2784.*
2784.vd252824b_4eb_9
2801.*
2801.vf82a_b_b_e3e8a_5
2802.*
2802.v5ea_628154b_c2
2803.*
2803.v1a_f77ffcc773
3520.*
3520.va_8fc49e2f96f
3536.*
3536.vb_8a_6628079d5
3565.*
3565.v4b_d9b_8c29a_b_3
3581.*
3581.v2b_e4c99c76ed
3583.*
3583.v4f58de0d78d5
3601.*
3601.v9b_36a_d99e1cc
3606.*
3606.v0b_d8b_e512dcf
3611.*
3611.v201b_d9f9eb_f7
3616.*
3616.vb_2e7168f4b_0c
3618.*
3618.v13db_a_21f0fcf
3624.*
3624.v43b_a_38b_62b_b_7
3626.*
3626.v4eb_a_7d8b_2fa_4
3629.*
3629.v8177e69e359a_
3635.*
3635.vedb_8602eefa_c
3637.*
3637.v63b_c17e0ed5b_
3641.*
3641.vf58904a_b_b_5d8
3651.*
3651.ve2e99a_4f4a_e5
3653.*
3653.v07ea_433c90b_4
3659.*
3659.v582dc37621d8
3668.*
3668.v1763b_b_6ccffd
3673.*
3673.v5b_dd74276262
3691.*
3691.v28b_14c465a_b_b_
3693.*
3693.vd5c06270e4dc
3697.*
3697.vb_470e454c232
3705.*
3705.va_6a_c2775a_c17
3713.*
3713.vd671d4321509
3717.*
3717.va_180a_fe9d3cd
3722.*
3722.v85ce2a_c6240b_
3726.*
3726.v83f8cff396c9
3728.*
3728.vd5c88eef9154
3731.*
3731.ve4b_5b_857b_a_d3
3732.*
3732.vb_77c00a_57e12
3740.*
3740.v6d35b_4ed5f9f
3744.*
3744.v6f2c0fe0e54d
3767.*
3767.vdd3e0a_65b_ef3
3769.*
3769.v8b_e595e4d40d
3773.*
3773.v505e0052522c
3774.*
3774.v4a_d648d409ce
3785.*
3785.vee73da_b_9544e
3787.*
3787.v8f5dcd14a_fa_c
3791.*
3791.va_c0338ea_b_59c
3793.*
3793.v65dec41c3a_c3
3802.*
3802.vd42b_fcf00b_a_c
3805.*
3805.v769b_b_74b_db_14
3806.*
3806.va_3a_6988277b_2
3812.*
3812.vc3031a_b_a_c955
3817.*
3817.vd20b_7e2b_692b_
3821.*
3821.v9d3888c583b_1
3826.*
3826.v3b_5707fe44da_
3832.*
3832.vc43e04d6d68c
3835.*
3835.vc2a_8f9167e92
3837.*
3837.v305192405b_c0
3853.*
3853.vb_a_490d892963
3859.*
3859.v7f65cc865019
3867.*
3867.v535458ce43fd
3880.*
3880.vb_ef4b_5cfd270
3883.*
3883.vb_3ff2a_e3eea_f
3889.*
3889.v937e0b_3412d3
3894.*
3894.vd0f0248b_a_fc4
3903.*
3903.v48a_8836749e9
3908.*
3908.vd6b_b_5a_a_54010
3922.*
3922.va_f73b_7c4246b_
3943.*
3943.v3519a_3260660
3946.*
3946.v7935cb_edb_f82
3953.*
3953.v19f11da_8d2fa_
3961.*
3961.ve48ee2c44a_b_3
3964.*
3964.v0767b_4b_a_0b_fa_
3969.*
3969.vdc9d3a_efcc6a_
3975.*
3975.v567e2a_1ffa_22
groovy-cps-0.*
groovy-cps-0.1
groovy-cps-0.2
groovy-cps-0.3
groovy-cps-0.4
groovy-cps-0.5
groovy-cps-0.6
groovy-cps-0.7
groovy-cps-0.8
groovy-cps-0.9
groovy-cps-1.*
groovy-cps-1.0
groovy-cps-1.1
groovy-cps-1.10
groovy-cps-1.11
groovy-cps-1.12
groovy-cps-1.2
groovy-cps-1.3
groovy-cps-1.4
groovy-cps-1.5
groovy-cps-1.6
groovy-cps-1.7
groovy-cps-1.8
groovy-cps-1.9
groovy-cps-parent-1.*
groovy-cps-parent-1.13
groovy-cps-parent-1.13.1
groovy-cps-parent-1.14
groovy-cps-parent-1.15
groovy-cps-parent-1.16
groovy-cps-parent-1.17
groovy-cps-parent-1.18
groovy-cps-parent-1.19
groovy-cps-parent-1.20
groovy-cps-parent-1.21
groovy-cps-parent-1.22
groovy-cps-parent-1.23
groovy-cps-parent-1.24
groovy-cps-parent-1.25
groovy-cps-parent-1.26
groovy-cps-parent-1.27
groovy-cps-parent-1.28
groovy-cps-parent-1.29
groovy-cps-parent-1.30
groovy-cps-parent-1.31
groovy-cps-parent-1.32
groovy-cps-parent-1.34
workflow-cps-2.*
workflow-cps-2.0
workflow-cps-2.1
workflow-cps-2.10
workflow-cps-2.11
workflow-cps-2.12
workflow-cps-2.13
workflow-cps-2.14
workflow-cps-2.15
workflow-cps-2.16
workflow-cps-2.17
workflow-cps-2.18
workflow-cps-2.19
workflow-cps-2.2
workflow-cps-2.20
workflow-cps-2.21
workflow-cps-2.22
workflow-cps-2.23
workflow-cps-2.24
workflow-cps-2.25
workflow-cps-2.26
workflow-cps-2.27
workflow-cps-2.28
workflow-cps-2.29
workflow-cps-2.3
workflow-cps-2.30
workflow-cps-2.31
workflow-cps-2.32
workflow-cps-2.33
workflow-cps-2.34
workflow-cps-2.35
workflow-cps-2.36
workflow-cps-2.37
workflow-cps-2.38
workflow-cps-2.39
workflow-cps-2.4
workflow-cps-2.40
workflow-cps-2.41
workflow-cps-2.42
workflow-cps-2.43
workflow-cps-2.44
workflow-cps-2.45
workflow-cps-2.46
workflow-cps-2.47
workflow-cps-2.48
workflow-cps-2.49
workflow-cps-2.5
workflow-cps-2.50
workflow-cps-2.51
workflow-cps-2.52
workflow-cps-2.53
workflow-cps-2.54
workflow-cps-2.55
workflow-cps-2.56
workflow-cps-2.57
workflow-cps-2.58
workflow-cps-2.58-beta-1
workflow-cps-2.59
workflow-cps-2.6
workflow-cps-2.60
workflow-cps-2.61
workflow-cps-2.62
workflow-cps-2.63
workflow-cps-2.64
workflow-cps-2.65
workflow-cps-2.66
workflow-cps-2.67
workflow-cps-2.68
workflow-cps-2.69
workflow-cps-2.7
workflow-cps-2.70
workflow-cps-2.71
workflow-cps-2.72
workflow-cps-2.73
workflow-cps-2.74
workflow-cps-2.75
workflow-cps-2.76
workflow-cps-2.77
workflow-cps-2.78
workflow-cps-2.79
workflow-cps-2.8
workflow-cps-2.80
workflow-cps-2.81
workflow-cps-2.82
workflow-cps-2.83
workflow-cps-2.84
workflow-cps-2.85
workflow-cps-2.86
workflow-cps-2.87
workflow-cps-2.88
workflow-cps-2.89
workflow-cps-2.9
workflow-cps-2.90
workflow-cps-2.91
workflow-cps-2.92
workflow-cps-2.93
workflow-cps-2.94
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-52550.json"
vanir_signatures
[
{
"source": "https://github.com/jenkinsci/workflow-cps-plugin/commit/478dd9e956c3efd5a4caeb2853ed90fe6b43bb54",
"digest": {
"line_hashes": [
"241503016963334275481389061690319949662",
"165757167630658055129947342080067659295",
"286513685338667409456784370997701928814",
"203733056658760244223435409289595497667",
"234482627059449368060216991215284767641",
"339730782246751231016932725286971289569",
"7705090758047436668618646354031059319",
"301061411071208110310997100268446788023",
"51048813938629713974961881592460392943",
"244125084856819352952595829882912148068"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "plugin/src/test/java/org/jenkinsci/plugins/workflow/cps/replay/ReplayActionTest.java"
},
"id": "CVE-2024-52550-9ac2d56b"
},
{
"source": "https://github.com/jenkinsci/workflow-cps-plugin/commit/478dd9e956c3efd5a4caeb2853ed90fe6b43bb54",
"digest": {
"line_hashes": [
"83041952917922266203024200370135336750",
"129712432041274682841705936128085853368",
"3938606992791905801160725765869850681",
"196235185447533311549412594174366816794",
"233740712330939138948298888100925478104",
"133467005256878408354088993576597979729",
"224355069306776122284243793723485461500",
"298253613115526799810558994502780001870",
"225977230873410712923895708561969759186",
"233396788178087836851242354795166301061",
"90166536317726077285449880233981975310",
"336084547348892633330981263009356616334",
"113556496872949030179319530562217439635",
"335620477376328046298266635668971633096",
"256982650391417025987635503169422350566",
"177009762124131519634084263018198573103",
"54201665649222240105036165582305867480",
"85826229756235537035973519111186025936",
"335515362948368738309543116286405408511",
"208642428923002922237546792075531712645",
"2158000543856184304639671306502529598",
"115716369245171271019606619035938386017",
"33109444102234179430539019746189633170",
"86313051956754389006487119810766118438",
"231926552366293500366854104698072490287",
"213411598120264982461481833548123873461",
"177546532560139467087083172531985899716",
"301782597341187263567205537392096233986"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "plugin/src/main/java/org/jenkinsci/plugins/workflow/cps/replay/ReplayAction.java"
},
"id": "CVE-2024-52550-c5fcb088"
},
{
"source": "https://github.com/jenkinsci/workflow-cps-plugin/commit/478dd9e956c3efd5a4caeb2853ed90fe6b43bb54",
"digest": {
"function_hash": "59319320517719721185119363905614154092",
"length": 840.0
},
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "run",
"file": "plugin/src/main/java/org/jenkinsci/plugins/workflow/cps/replay/ReplayPipelineCommand.java"
},
"id": "CVE-2024-52550-eeab264a"
},
{
"source": "https://github.com/jenkinsci/workflow-cps-plugin/commit/478dd9e956c3efd5a4caeb2853ed90fe6b43bb54",
"digest": {
"line_hashes": [
"92995303549175838372005553951101507244",
"193044022111519314436425534492459383746",
"30729990340606279602709218203110056685",
"18599781497409357756919095055110567482",
"264590375625122311429334805475445146406",
"321752122521489627948427044057316136651",
"143374159257491922063220984367705992991",
"329516254398014318127342528907538059859",
"265488095473441348182946717389315786464",
"38285656636411351812630567357903927733",
"19345548465350307123411669397860989380",
"183131913060398404704743419823315360750",
"326086981466240870288374699483261246395",
"74287046045302187215385488445592981688",
"69228934400659891121193882656454853710",
"53621611776729759629382672391160474373",
"90775114287351915572880210723870621703",
"265109696668203799462771906903255334999"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "plugin/src/main/java/org/jenkinsci/plugins/workflow/cps/replay/ReplayPipelineCommand.java"
},
"id": "CVE-2024-52550-fac0f363"
},
{
"source": "https://github.com/jenkinsci/workflow-cps-plugin/commit/478dd9e956c3efd5a4caeb2853ed90fe6b43bb54",
"digest": {
"function_hash": "99162987428561518317895903366520527661",
"length": 654.0
},
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "run2",
"file": "plugin/src/main/java/org/jenkinsci/plugins/workflow/cps/replay/ReplayAction.java"
},
"id": "CVE-2024-52550-fb25eead"
}
]