Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3
CVE-2022-25190
- EPSS 0.34%
- Published 15.02.2022 17:15:10
- Last modified 21.11.2024 06:51:46
A missing permission check in Jenkins Conjur Secrets Plugin 1.0.11 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
7.5
CVE-2022-23116
- EPSS 0.34%
- Published 12.01.2022 20:15:09
- Last modified 21.11.2024 06:48:01
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method.
7.5
CVE-2022-23117
- EPSS 0.61%
- Published 12.01.2022 20:15:09
- Last modified 21.11.2024 06:48:01
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to retrieve all username/password credentials stored on the Jenkins controller.
1