CVE-2025-49830
- EPSS 0.06%
- Veröffentlicht 15.07.2025 20:15:40
- Zuletzt bearbeitet 11.09.2025 20:25:17
Conjur provides secrets management and application identity for infrastructure. An authenticated attacker who is able to load policy can use the policy yaml parser to reference files on the Secrets Manager, Self-Hosted server. These references may be...
CVE-2025-49831
- EPSS 0.12%
- Veröffentlicht 15.07.2025 20:10:35
- Zuletzt bearbeitet 12.09.2025 11:07:15
An attacker of Secrets Manager, Self-Hosted installations that route traffic from Secrets Manager to AWS through a misconfigured network device can reroute authentication requests to a malicious server under the attacker’s control. CyberArk believes ...
CVE-2025-49829
- EPSS 0.04%
- Veröffentlicht 15.07.2025 19:47:59
- Zuletzt bearbeitet 11.09.2025 20:35:29
Conjur provides secrets management and application identity for infrastructure. Missing validations in Secrets Manager, Self-Hosted allows authenticated attackers to inject resources into the database and to bypass permission checks. This issue affec...
CVE-2025-49828
- EPSS 0.44%
- Veröffentlicht 15.07.2025 19:35:33
- Zuletzt bearbeitet 11.09.2025 20:38:42
Conjur provides secrets management and application identity for infrastructure. Conjur OSS versions 1.19.5 through 1.21.1 and Secrets Manager, Self-Hosted (formerly known as Conjur Enterprise) 13.1 through 13.4.1 are vulnerable to remote code executi...
CVE-2025-49827
- EPSS 0.14%
- Veröffentlicht 15.07.2025 19:26:06
- Zuletzt bearbeitet 12.09.2025 18:11:58
Conjur provides secrets management and application identity for infrastructure. Conjur OSS versions 1.19.5 through 1.22.0 and Secrets Manager, Self-Hosted (formerly known as Conjur Enterprise) 13.1 through 13.5 and 13.6 are vulnerable to bypass of th...