Filtered by vendor Jenkins
Subscriptions
Filtered by product Conjur Secrets
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-23117 | 1 Jenkins | 1 Conjur Secrets | 2023-11-30 | 7.5 High |
| Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to retrieve all username/password credentials stored on the Jenkins controller. | ||||
| CVE-2022-25190 | 1 Jenkins | 1 Conjur Secrets | 2023-11-30 | 4.3 Medium |
| A missing permission check in Jenkins Conjur Secrets Plugin 1.0.11 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | ||||
| CVE-2022-23116 | 1 Jenkins | 1 Conjur Secrets | 2023-11-30 | 7.5 High |
| Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method. | ||||
Page 1 of 1.