Pipeline requires  "Anonymous" read access to job to get "lastSuccessfulBuild"

e.g.

https://jenkins/job/pipeline/job/master/lastSuccessfulBuild/

Using matrix-based security plugin it works only in such configuration

If Overall is removed, it will require to login

Is there any way to configure without exposing so much read permissions?

Thanks in advance