Filtered by vendor Jenkins
Subscriptions
Filtered by product Conjur Secrets
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-25190 | 1 Jenkins | 1 Conjur Secrets | 2024-10-15 | 4.3 Medium |
A missing permission check in Jenkins Conjur Secrets Plugin 1.0.11 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | ||||
CVE-2022-23117 | 1 Jenkins | 1 Conjur Secrets | 2024-08-03 | 7.5 High |
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to retrieve all username/password credentials stored on the Jenkins controller. | ||||
CVE-2022-23116 | 1 Jenkins | 1 Conjur Secrets | 2024-08-03 | 7.5 High |
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method. |
Page 1 of 1.