Loading...

This issue is archived. You can view it, but you can't modify it. Learn more

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Critical
Component/s: envinject-plugin
Labels:
Environment:
1.89 in 1.554.2

If you have a BuildWrapper which overrides makeSensitiveBuildVariables to specify that its additions are to be considered secret, then add an EnvInjectBuilder which adds some unrelated variables, injectedEnvVars.txt includes the sensitive variables (in plaintext) and /job/.../.../injectedEnvVars/ shows them as well.

is blocking

JENKINS-23630 Update to new environment variable APIs

Resolved

is related to

JENKINS-12423 Password masked by Mask Passwords are visible when using envinject plugin

Closed

JENKINS-4428 MavenProbeAction exposes password parameters

Resolved

JENKINS-24287 EnvInject exposes password hashes

Resolved

Assignee:: Nicolas De Loof
Reporter:: Jesse Glick

Created:: 2014-06-16 14:03
Updated:: 2025-12-23 17:46
Resolved:: 2014-12-12 21:42
Archived:: 2025-12-23 17:46

Details

Description

Attachments

Issue Links

Activity

People

Dates