VYPR
Medium severity4.3NVD Advisory· Published Aug 16, 2023· Updated Jun 17, 2026

CVE-2023-40338

CVE-2023-40338

Description

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.jenkins-ci.plugins:cloudbees-folderMaven
< 6.848.ve3b6.848.ve3b

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

1