CVE-2022-25190
CVE-2022-25190 – Jenkins Conjur Secrets Plugin has a missing permission check in an HTTP endpoint for versions 1.0.11 and earlier, allowing attackers with Overall/Read permission to enumerate credentials IDs stored in Jenkins. The issue could enable credential enumeration and facilitate further a...