jenkins-2-plugins is vulnerable to information disclosure. Missing permission checks in the Pipeline: Shared Groovy Libraries
plugin enables an attacker to obtain confidential information about the contents of the SCM repositories that are referenced by global libraries.