pkg:maven/org.conjur.jenkins/conjur-credentials
Type
maven
Namespace
org.conjur.jenkins
Name
conjur-credentials
Known advisories, vulnerabilities and fixes for org.conjur.jenkins/conjur-credentials package.
Moderate
3
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 1.0.12 |
CVE-2022-25190
|
MAVEN:GHSA-372F-JC47-7GR5 | Missing permission check in Jenkins Conjur Secrets Plugin allows enumerating credentials IDs | moderate |
2022-02-16T00:01:26
(2 years ago) |
|
Fixed | = 1.0.12 |
CVE-2022-25190
|
MAVEN:GHSA-372F-JC47-7GR5 | Missing permission check in Jenkins Conjur Secrets Plugin allows enumerating credentials IDs | moderate |
2022-02-16T00:01:26
(2 years ago) |
|
Affected | < 1.0.10 |
CVE-2022-23117
|
MAVEN:GHSA-CW68-XMM4-C83R | Agent-to-controller security bypass in Jenkins Conjur Secrets Plugin allows retrieving all credentials | moderate |
2022-01-13T00:00:53
(2 years ago) |
|
Fixed | = 1.0.10 |
CVE-2022-23117
|
MAVEN:GHSA-CW68-XMM4-C83R | Agent-to-controller security bypass in Jenkins Conjur Secrets Plugin allows retrieving all credentials | moderate |
2022-01-13T00:00:53
(2 years ago) |
|
Affected | < 1.0.10 |
CVE-2022-23116
|
MAVEN:GHSA-G7FX-MMJC-R7GV | Agent-to-controller security bypass in Jenkins Conjur Secrets Plugin allows decrypting secrets | moderate |
2022-01-13T00:00:52
(2 years ago) |
|
Fixed | = 1.0.10 |
CVE-2022-23116
|
MAVEN:GHSA-G7FX-MMJC-R7GV | Agent-to-controller security bypass in Jenkins Conjur Secrets Plugin allows decrypting secrets | moderate |
2022-01-13T00:00:52
(2 years ago) |