pkg:maven/org.jenkins-ci.plugins/conjur-credentials
Type
maven
Namespace
org.jenkins-ci.plugins
Name
conjur-credentials
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/conjur-credentials package.
Medium
3
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 1.0.11 |
CVE-2022-25190
|
JENKINS:SECURITY-2350 | Missing permission check in `conjur-credentials` allows enumerating credentials IDs | medium |
2022-02-15T00:00:00
(2 years ago) |
|
Fixed | = 1.0.12 |
CVE-2022-25190
|
JENKINS:SECURITY-2350 | Missing permission check in `conjur-credentials` allows enumerating credentials IDs | medium |
2022-02-15T00:00:00
(2 years ago) |
|
Affected | <= 1.0.9 |
CVE-2022-23116
|
JENKINS:SECURITY-2522-1 | Agent-to-controller security bypass in `conjur-credentials` allows decrypting secrets | medium |
2022-01-12T00:00:00
(2 years ago) |
|
Affected | <= 1.0.9 |
CVE-2022-23117
|
JENKINS:SECURITY-2522-2 | Agent-to-controller security bypass in `conjur-credentials` allows retrieving all credentials | medium |
2022-01-12T00:00:00
(2 years ago) |