Maven package
io.jenkins.blueocean/blueocean-pipeline-scm-api
pkg:maven/io.jenkins.blueocean/blueocean-pipeline-scm-api
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-30952 | — | < 1.25.4 | 1.25.4 | May 17, 2022 | Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins. |
- CVE-2022-30952May 17, 2022affected < 1.25.4fixed 1.25.4
Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins.