pkg:maven/org.jenkins-ci.plugins/conjur-credentials

Type maven

Namespace org.jenkins-ci.plugins

Name conjur-credentials

Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/conjur-credentials package.

Repository: https://mvnrepository.com/artifact/org.jenkins-ci.plugins/conjur-credentials

Medium 3

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	<= 1.0.11		CVE-2022-25190	JENKINS:SECURITY-2350	Missing permission check in `conjur-credentials` allows enumerating credentials IDs	medium	2022-02-15T00:00:00 (2 years ago)
Fixed	= 1.0.12		CVE-2022-25190	JENKINS:SECURITY-2350	Missing permission check in `conjur-credentials` allows enumerating credentials IDs	medium	2022-02-15T00:00:00 (2 years ago)
Affected	<= 1.0.9		CVE-2022-23116	JENKINS:SECURITY-2522-1	Agent-to-controller security bypass in `conjur-credentials` allows decrypting secrets	medium	2022-01-12T00:00:00 (2 years ago)
Affected	<= 1.0.9		CVE-2022-23117	JENKINS:SECURITY-2522-2	Agent-to-controller security bypass in `conjur-credentials` allows retrieving all credentials	medium	2022-01-12T00:00:00 (2 years ago)