Lucene search

K

Jenkins Conjur Secrets Plugin Security Vulnerabilities

cve
cve

CVE-2022-25190

A missing permission check in Jenkins Conjur Secrets Plugin 1.0.11 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in...

4.3CVSS

4.7AI Score

0.001EPSS

2022-02-15 05:15 PM
90
cve
cve

CVE-2022-23117

Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to retrieve all username/password credentials stored on the Jenkins...

7.5CVSS

7.4AI Score

0.002EPSS

2022-01-12 08:15 PM
142
cve
cve

CVE-2022-23116

Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another...

7.5CVSS

7.3AI Score

0.002EPSS

2022-01-12 08:15 PM
105