CVE-2025-67642

Jenkins HashiCorp Vault Plugin 371.v884a4dd60fb6 and earlier does not set the appropriate context for Vault credentials lookup, allowing attackers with Item/Configure permission to access and potentially capture Vault credentials they are not entitled to...

Jenkins HashiCorp Vault Plugin 安全漏洞

Jenkins HashiCorp Vault Plugin is an open source plugin for Jenkins. A security vulnerability exists in Jenkins Plugin HashiCorp Vault 371.v884a4dd60fb6 and prior versions, which stems from a failure to set up the proper Vault credential lookup context, which could result in access to unauthorize...