CVE-2025-49829

🗓️ 15 Jul 2025 19:47:59Reported by GitHub_MType

Conjur OSS and Secrets Manager missing validations allow database injection and permission bypass issues.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-49829	18 Jul 202517:07	–	circl
CNNVD	CyberArk Conjur 安全漏洞	15 Jul 202500:00	–	cnnvd
Cvelist	CVE-2025-49829 Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) missing validations	15 Jul 202519:47	–	cvelist
EUVD	EUVD-2025-21550	3 Oct 202520:07	–	euvd
NVD	CVE-2025-49829	15 Jul 202520:15	–	nvd
OSV	CVE-2025-49829 Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) missing validations	15 Jul 202519:47	–	osv
Positive Technologies	PT-2025-29614 · Cyberark · Conjur +1	15 Jul 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-49829	17 Jul 202519:55	–	redhatcve
Vulnrichment	CVE-2025-49829 Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) missing validations	15 Jul 202519:47	–	vulnrichment

NVD

Vulners

Node

cyberark conjurRange<1.22.1open_source

cyberark conjurRange<13.5.1enterprise

cyberark conjurMatch13.6enterprise

[
  {
    "vendor": "cyberark",
    "product": "conjur",
    "versions": [
      {
        "version": "Conjur OSS < 1.22.1",
        "status": "affected"
      },
      {
        "version": "Secrets Manager, Self-Hosted (formerly known as Conjur Enterprise) < 13.5.1",
        "status": "affected"
      },
      {
        "version": "Secrets Manager, Self-Hosted (formerly known as Conjur Enterprise) = 13.6",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/cyberark/conjur/releases/tag/v1.22.1
github	www.github.com/cyberark/conjur/security/advisories/GHSA-9w76-m74g-4c2r
openwall	www.openwall.com/lists/oss-security/2025/07/16/7
openwall	www.openwall.com/lists/oss-security/2025/08/08/1

04 Nov 2025 22:16Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.16.5

CVSS 46

EPSS0.00239

SSVC

CWE-862