Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
Jenkins project

jenkins_conjur_secrets

4 Versions 3 CVEs

Versions

1.0.9

SEMANTIC 2 CVEs

unspecified

OTHER 3 CVEs

next of 1.0.9

OTHER 2 CVEs

1.0.11

SEMANTIC 1 CVE

Recent CVEs

CVE-2022-25190

A missing permission check in Jenkins Conjur Secrets Plugin 1.0.11 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

UNKNOWN Feb 15, 2022

CVE-2022-23117

Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to retrieve all username/password credentials stored on the Jenkins controller.

UNKNOWN Jan 12, 2022

CVE-2022-23116

Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method.

UNKNOWN Jan 12, 2022