Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier includes password parameters from the original build in replayed builds.
This allows attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline.
Pipeline: Groovy Plugin 2656.vf7a_e7b_75a_457 does not allow builds containing password parameters to be replayed.
CPE | Name | Operator | Version |
---|---|---|---|
org.jenkins-ci.plugins.workflow:workflow-cps | le | 2648.va9433432b33c |