Is org.jenkins-ci.plugins:partial-release-manager affected by CVE-2024-34148?

Maven org.jenkins-ci.plugins:partial-release-manager is affected in <=1.0.1.

Is CVE-2024-34148 being exploited?

Not on the CISA KEV list. EPSS exploit probability is 0.8%.

medium

CVE-2024-34148

Q: Is CVE-2024-34148 being exploited?

Not on the CISA KEV list. EPSS exploit probability is 0.8%.

Maven · org.jenkins-ci.plugins:partial-release-manager

Summary

Jenkins Subversion Partial Release Manager Plugin programmatically disables the fix for CVE-2016-3721

Severity: medium
EPSS: 0.8% (p51)
Also known as: GHSA-phh3-2p9m-w6j5
Published: 2024-05-02

References

https://nvd.nist.gov/vuln/detail/CVE-2024-34148
https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3331
http://www.openwall.com/lists/oss-security/2024/05/02/3

Is your project exposed to this? Stateward checks every dependency on every pull request and flags it only if your code actually reaches it.

Check my repo

Summarize with AI

ChatGPT Claude Perplexity

Sources: CISA KEV (public domain), OSV.dev & GitHub Advisory Database (CC-BY-4.0), FIRST EPSS, NVD/CWE (public domain). Served live from the Stateward advisory database.