-
New Feature
-
Resolution: Unresolved
-
Minor
-
None
-
Jenkins: 2.483
OS: Linux - 5.15.0-124-generic
Java: 17.0.12 - Eclipse Adoptium (OpenJDK 64-Bit Server VM)
---
analysis-model-api:12.9.0
anchore-container-scanner:3.2.0
antisamy-markup-formatter:162.v0e6ec0fcfcf6
apache-httpcomponents-client-4-api:4.5.14-208.v438351942757
apache-httpcomponents-client-5-api:5.4-124.v31e2987e48f4
asm-api:9.7.1-97.v4cc844130d97
atlassian-jira-software-cloud:2.0.15
audit-trail:382.vf64d6f626060
authentication-tokens:1.119.v50285141b_7e1
basic-branch-build-strategies:190.v343a_ee70d920
bitbucket-oauth:0.13
blueocean:1.27.16
blueocean-autofavorite:1.2.5
blueocean-bitbucket-pipeline:1.27.16
blueocean-commons:1.27.16
blueocean-config:1.27.16
blueocean-core-js:1.27.16
blueocean-dashboard:1.27.16
blueocean-display-url:2.4.3
blueocean-events:1.27.16
blueocean-git-pipeline:1.27.16
blueocean-github-pipeline:1.27.16
blueocean-i18n:1.27.16
blueocean-jira:1.27.16
blueocean-jwt:1.27.16
blueocean-personalization:1.27.16
blueocean-pipeline-api-impl:1.27.16
blueocean-pipeline-editor:1.27.16
blueocean-pipeline-scm-api:1.27.16
blueocean-rest:1.27.16
blueocean-rest-impl:1.27.16
blueocean-web:1.27.16
bootstrap5-api:5.3.3-1
bouncycastle-api:2.30.1.78.1-248.ve27176eb_46cb_
branch-api:2.1197.vfa_d0c47c267d
build-token-root:151.va_e52fe3215fc
caffeine-api:3.1.8-133.v17b_1ff2e0599
checks-api:2.2.1
cloudbees-bitbucket-branch-source:895.v15dc41668f03
cloudbees-folder:6.955.v81e2a_35c08d3
command-launcher:115.vd8b_301cc15d0
commons-compress-api:1.26.1-2
commons-httpclient3-api:3.1-3
commons-lang3-api:3.17.0-84.vb_b_938040b_078
commons-text-api:1.12.0-129.v99a_50df237f7
configuration-as-code:1873.vea_5814ca_9c93
credentials:1389.vd7a_b_f5fa_50a_2
credentials-binding:687.v619cb_15e923f
data-tables-api:2.1.8-1
display-url-api:2.209.v582ed814ff2f
docker-commons:443.v921729d5611d
docker-workflow:580.vc0c340686b_54
durable-task:577.v2a_8a_4b_7c0247
echarts-api:5.5.1-4
eddsa-api:0.3.0-4.v84c6f0f4969e
favorite:2.221.v19ca_666b_62f5
font-awesome-api:6.6.0-2
forensics-api:2.6.0
git:5.6.0
git-client:6.1.0
git-parameter:0.9.19
git-server:126.v0d945d8d2b_39
github:1.40.0
github-api:1.321-478.vc9ce627ce001
github-branch-source:1807.v50351eb_7dd13
grypescanner:1.8
gson-api:2.11.0-85.v1f4e87273c33
handy-uri-templates-2-api:2.1.8-30.v7e777411b_148
htmlpublisher:1.36
instance-identity:201.vd2a_b_5a_468a_a_6
ionicons-api:74.v93d5eb_813d5f
jackson2-api:2.17.0-379.v02de8ec9f64c
jakarta-activation-api:2.1.3-1
jakarta-mail-api:2.1.3-1
javax-activation-api:1.2.0-7
javax-mail-api:1.6.2-10
jaxb:2.3.9-1
jdk-tool:80.v8a_dee33ed6f0
jenkins-design-language:1.27.16
jersey2-api:2.44-151.v6df377fff741
jira:3.13
jjwt-api:0.11.5-112.ve82dfb_224b_a_d
joda-time-api:2.13.0-93.v9934da_29b_a_e9
jquery:1.12.4-3
jquery3-api:3.7.1-2
jsch:0.2.16-86.v42e010d9484b_
json-api:20240303-101.v7a_8666713110
json-path-api:2.9.0-118.v7f23ed82a_8b_8
junit:1307.vdd5b_2646279e
mailer:489.vd4b_25144138f
mapdb-api:1.0.9-40.v58107308b_7a_7
matrix-auth:3.2.3
matrix-project:840.v812f627cb_578
mercurial:1260.vdfb_723cdcc81
mina-sshd-api-common:2.14.0-133.vcc091215a_358
mina-sshd-api-core:2.14.0-133.vcc091215a_358
miniorange-saml-sp:2.4.4
nexus-artifact-uploader:2.14
okhttp-api:4.11.0-181.v1de5b_83857df
pipeline-build-step:540.vb_e8849e1a_b_d8
pipeline-graph-analysis:216.vfd8b_ece330ca_
pipeline-groovy-lib:744.v5b_556ee7c253
pipeline-input-step:495.ve9c153f6067b_
pipeline-milestone-step:119.vdfdc43fc3b_9a_
pipeline-model-api:2.2214.vb_b_34b_2ea_9b_83
pipeline-model-definition:2.2214.vb_b_34b_2ea_9b_83
pipeline-model-extensions:2.2214.vb_b_34b_2ea_9b_83
pipeline-rest-api:2.34
pipeline-stage-step:312.v8cd10304c27a_
pipeline-stage-tags-metadata:2.2214.vb_b_34b_2ea_9b_83
pipeline-stage-view:2.34
pipeline-utility-steps:2.18.0
plain-credentials:183.va_de8f1dd5a_2b_
plugin-usage-plugin:4.6
plugin-util-api:5.1.0
prism-api:1.29.0-17
pubsub-light:1.18
purge-job-history:1.6
resource-disposer:0.24
role-strategy:743.v142ea_b_d5f1d3
scm-api:698.v8e3b_c788f0a_6
script-security:1367.vdf2fc45f229c
slack:751.v2e44153c8fe1
snakeyaml-api:2.3-123.v13484c65210a_
sonar:2.17.2
sse-gateway:1.27
ssh-agent:376.v8933585c69d3
ssh-credentials:343.v884f71d78167
ssh-slaves:2.973.v0fa_8c0dea_f9f
ssh-steps:2.0.68.va_d21a_12a_6476
sshd:3.330.vc866a_8389b_58
structs:338.v848422169819
token-macro:400.v35420b_922dcb_
trilead-api:2.147.vb_73cc728a_32e
uno-choice:2.8.4
variant:60.v7290fc0eb_b_cd
warnings-ng:11.10.0
workflow-aggregator:600.vb_57cdd26fdd7
workflow-api:1336.vee415d95c521
workflow-basic-steps:1058.vcb_fc1e3a_21a_9
workflow-cps:3990.vd281dd77a_388
workflow-durable-task-step:1371.vb_7cec8f3b_95e
workflow-job:1459.v6c531091efcd
workflow-multibranch:795.ve0cb_1f45ca_9a_
workflow-scm-step:427.v4ca_6512e7df1
workflow-step-api:678.v3ee58b_469476
workflow-support:930.vf51d22b_ce488
ws-cleanup:0.47Jenkins: 2.483 OS: Linux - 5.15.0-124-generic Java: 17.0.12 - Eclipse Adoptium (OpenJDK 64-Bit Server VM) --- analysis-model-api:12.9.0 anchore-container-scanner:3.2.0 antisamy-markup-formatter:162.v0e6ec0fcfcf6 apache-httpcomponents-client-4-api:4.5.14-208.v438351942757 apache-httpcomponents-client-5-api:5.4-124.v31e2987e48f4 asm-api:9.7.1-97.v4cc844130d97 atlassian-jira-software-cloud:2.0.15 audit-trail:382.vf64d6f626060 authentication-tokens:1.119.v50285141b_7e1 basic-branch-build-strategies:190.v343a_ee70d920 bitbucket-oauth:0.13 blueocean:1.27.16 blueocean-autofavorite:1.2.5 blueocean-bitbucket-pipeline:1.27.16 blueocean-commons:1.27.16 blueocean-config:1.27.16 blueocean-core-js:1.27.16 blueocean-dashboard:1.27.16 blueocean-display-url:2.4.3 blueocean-events:1.27.16 blueocean-git-pipeline:1.27.16 blueocean-github-pipeline:1.27.16 blueocean-i18n:1.27.16 blueocean-jira:1.27.16 blueocean-jwt:1.27.16 blueocean-personalization:1.27.16 blueocean-pipeline-api-impl:1.27.16 blueocean-pipeline-editor:1.27.16 blueocean-pipeline-scm-api:1.27.16 blueocean-rest:1.27.16 blueocean-rest-impl:1.27.16 blueocean-web:1.27.16 bootstrap5-api:5.3.3-1 bouncycastle-api:2.30.1.78.1-248.ve27176eb_46cb_ branch-api:2.1197.vfa_d0c47c267d build-token-root:151.va_e52fe3215fc caffeine-api:3.1.8-133.v17b_1ff2e0599 checks-api:2.2.1 cloudbees-bitbucket-branch-source:895.v15dc41668f03 cloudbees-folder:6.955.v81e2a_35c08d3 command-launcher:115.vd8b_301cc15d0 commons-compress-api:1.26.1-2 commons-httpclient3-api:3.1-3 commons-lang3-api:3.17.0-84.vb_b_938040b_078 commons-text-api:1.12.0-129.v99a_50df237f7 configuration-as-code:1873.vea_5814ca_9c93 credentials:1389.vd7a_b_f5fa_50a_2 credentials-binding:687.v619cb_15e923f data-tables-api:2.1.8-1 display-url-api:2.209.v582ed814ff2f docker-commons:443.v921729d5611d docker-workflow:580.vc0c340686b_54 durable-task:577.v2a_8a_4b_7c0247 echarts-api:5.5.1-4 eddsa-api:0.3.0-4.v84c6f0f4969e favorite:2.221.v19ca_666b_62f5 font-awesome-api:6.6.0-2 forensics-api:2.6.0 git:5.6.0 git-client:6.1.0 git-parameter:0.9.19 git-server:126.v0d945d8d2b_39 github:1.40.0 github-api:1.321-478.vc9ce627ce001 github-branch-source:1807.v50351eb_7dd13 grypescanner:1.8 gson-api:2.11.0-85.v1f4e87273c33 handy-uri-templates-2-api:2.1.8-30.v7e777411b_148 htmlpublisher:1.36 instance-identity:201.vd2a_b_5a_468a_a_6 ionicons-api:74.v93d5eb_813d5f jackson2-api:2.17.0-379.v02de8ec9f64c jakarta-activation-api:2.1.3-1 jakarta-mail-api:2.1.3-1 javax-activation-api:1.2.0-7 javax-mail-api:1.6.2-10 jaxb:2.3.9-1 jdk-tool:80.v8a_dee33ed6f0 jenkins-design-language:1.27.16 jersey2-api:2.44-151.v6df377fff741 jira:3.13 jjwt-api:0.11.5-112.ve82dfb_224b_a_d joda-time-api:2.13.0-93.v9934da_29b_a_e9 jquery:1.12.4-3 jquery3-api:3.7.1-2 jsch:0.2.16-86.v42e010d9484b_ json-api:20240303-101.v7a_8666713110 json-path-api:2.9.0-118.v7f23ed82a_8b_8 junit:1307.vdd5b_2646279e mailer:489.vd4b_25144138f mapdb-api:1.0.9-40.v58107308b_7a_7 matrix-auth:3.2.3 matrix-project:840.v812f627cb_578 mercurial:1260.vdfb_723cdcc81 mina-sshd-api-common:2.14.0-133.vcc091215a_358 mina-sshd-api-core:2.14.0-133.vcc091215a_358 miniorange-saml-sp:2.4.4 nexus-artifact-uploader:2.14 okhttp-api:4.11.0-181.v1de5b_83857df pipeline-build-step:540.vb_e8849e1a_b_d8 pipeline-graph-analysis:216.vfd8b_ece330ca_ pipeline-groovy-lib:744.v5b_556ee7c253 pipeline-input-step:495.ve9c153f6067b_ pipeline-milestone-step:119.vdfdc43fc3b_9a_ pipeline-model-api:2.2214.vb_b_34b_2ea_9b_83 pipeline-model-definition:2.2214.vb_b_34b_2ea_9b_83 pipeline-model-extensions:2.2214.vb_b_34b_2ea_9b_83 pipeline-rest-api:2.34 pipeline-stage-step:312.v8cd10304c27a_ pipeline-stage-tags-metadata:2.2214.vb_b_34b_2ea_9b_83 pipeline-stage-view:2.34 pipeline-utility-steps:2.18.0 plain-credentials:183.va_de8f1dd5a_2b_ plugin-usage-plugin:4.6 plugin-util-api:5.1.0 prism-api:1.29.0-17 pubsub-light:1.18 purge-job-history:1.6 resource-disposer:0.24 role-strategy:743.v142ea_b_d5f1d3 scm-api:698.v8e3b_c788f0a_6 script-security:1367.vdf2fc45f229c slack:751.v2e44153c8fe1 snakeyaml-api:2.3-123.v13484c65210a_ sonar:2.17.2 sse-gateway:1.27 ssh-agent:376.v8933585c69d3 ssh-credentials:343.v884f71d78167 ssh-slaves:2.973.v0fa_8c0dea_f9f ssh-steps:2.0.68.va_d21a_12a_6476 sshd:3.330.vc866a_8389b_58 structs:338.v848422169819 token-macro:400.v35420b_922dcb_ trilead-api:2.147.vb_73cc728a_32e uno-choice:2.8.4 variant:60.v7290fc0eb_b_cd warnings-ng:11.10.0 workflow-aggregator:600.vb_57cdd26fdd7 workflow-api:1336.vee415d95c521 workflow-basic-steps:1058.vcb_fc1e3a_21a_9 workflow-cps:3990.vd281dd77a_388 workflow-durable-task-step:1371.vb_7cec8f3b_95e workflow-job:1459.v6c531091efcd workflow-multibranch:795.ve0cb_1f45ca_9a_ workflow-scm-step:427.v4ca_6512e7df1 workflow-step-api:678.v3ee58b_469476 workflow-support:930.vf51d22b_ce488 ws-cleanup:0.47
Coming from: https://issues.jenkins.io/browse/SECURITY-3476
Hello,
running pipelines with "docker.withRegistry" result with the following warning:
Can you handle that more securely?
Regards,
Andrea
FTR we asked this be re-filed in public, as it does not constitute a vulnerability.