Lucene search
GitHub Advisory DatabaseGHSA-QV6Q-X9VR-W7J3HistoryFeb 16, 2022 - 12:01 a.m.
Jenkins Pipeline: Groovy Plugin has Insufficiently Protected Credentials
2022-02-1600:01:32
CWE-319
CWE-522
GitHub Advisory Database
github.com
4
0.001 Low
EPSS
Percentile
21.4%
Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier includes password parameters from the original build in replayed builds.
This allows attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline.
Pipeline: Groovy Plugin 2656.vf7a_e7b_75a_457 does not allow builds containing password parameters to be replayed.
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.jenkins-ci.plugins.workflow:workflow-cps | le | 2648.va9433432b33c |
Related
cnvd
cnvd
Jenkins Pipeline Groovy Plugin信息泄露漏洞
2022-02-17 00:00:00
cvelist
cvelist
CVE-2022-25180
2022-02-15 16:11:02
redhatcve
redhatcve
CVE-2022-25180
2022-02-17 16:52:43
osv
osv
Jenkins Pipeline: Groovy Plugin has Insufficiently Protected Credentials
2022-02-16 00:01:32
veracode
veracode
Sensitive Information Disclosure
2022-04-21 00:42:55
alpinelinux
alpinelinux
CVE-2022-25180
2022-02-15 17:15:00
prion
prion
Default credentials
2022-02-15 17:15:00
cve
cve
CVE-2022-25180
2022-02-15 17:15:00
nessus
nessus
RHEL 8 : OpenShift Container Platform 4.7.48 (RHSA-2022:1248)
2022-04-13 00:00:00
RHEL 8 : OpenShift Container Platform 4.10.6 (RHSA-2022:1025)
2022-03-29 00:00:00
RHEL 7 / 8 : OpenShift Container Platform 4.6.57 (RHSA-2022:1620)
2022-05-04 00:00:00
redhat
redhat