CVE-2022-25180
N/A
N/A
Summary
Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier includes password parameters from the original build in replayed builds, allowing attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Jenkins project | Jenkins Pipeline: Groovy Plugin | unspecified <= 2648.va9433432b33c | affected |
| Jenkins project | Jenkins Pipeline: Groovy Plugin | 2.94.1 | unaffected |
| Jenkins project | Jenkins Pipeline: Groovy Plugin | 2.92.1 | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.