Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases.

Bitbucket Branch Source Plugin 887.va_d359b_3d2d8d does not include the Bitbucket OAuth access token as part of the Bitbucket URL in the build log.

Affected Packages

Maven org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source

Affected versions: 0 (fixed in 887.va)

Related CVEs

CVE-2024-39460

Key Information

GHSA ID

GHSA-x8mf-jcmf-r79f

Published

June 26, 2024 6:30 PM

Last Modified

June 26, 2024 8:00 PM

CVSS Score

5.0 /10

Primary Ecosystem

Maven

Primary Package

org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source

GitHub Reviewed

✓ Yes

Dataset

Last updated: July 2, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.