pkg:maven/org.jenkins-ci.plugins/hashicorp-vault-plugin
Type
maven
Namespace
org.jenkins-ci.plugins
Name
hashicorp-vault-plugin
Known advisories, vulnerabilities and fixes for org.jenkins-ci.plugins/hashicorp-vault-plugin package.
Medium
4
Low
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 3.7.0 |
CVE-2022-23109
|
JENKINS:SECURITY-2213 | Improper credentials masking in `hashicorp-vault-plugin` | medium |
2022-01-12T00:00:00
(2 years ago) |
|
Fixed | = 3.8.0 |
CVE-2022-23109
|
JENKINS:SECURITY-2213 | Improper credentials masking in `hashicorp-vault-plugin` | medium |
2022-01-12T00:00:00
(2 years ago) |
|
Affected | <= 3.8.0 |
CVE-2022-25186
|
JENKINS:SECURITY-2429 | Agent-to-controller security bypass in `hashicorp-vault-plugin` | low |
2022-02-15T00:00:00
(2 years ago) |
|
Fixed | = 336.v182c0fbaaeb7 |
CVE-2022-25186
|
JENKINS:SECURITY-2429 | Agent-to-controller security bypass in `hashicorp-vault-plugin` | low |
2022-02-15T00:00:00
(2 years ago) |
|
Affected | <= 336.v182c0fbaaeb7 |
CVE-2022-25197
|
JENKINS:SECURITY-2521 | Agent-to-controller security bypass in `hashicorp-vault-plugin` allows reading arbitrary files | medium |
2022-02-15T00:00:00
(2 years ago) |
|
Affected | <= 354.vdb_858fd6b_f48 |
CVE-2022-36888
|
JENKINS:SECURITY-2593 | Missing permission checks in `hashicorp-vault-plugin` allow capturing credentials | medium |
2022-07-27T00:00:00
(2 years ago) |
|
Fixed | = 355.v3b_38d767a_b_a_8 |
CVE-2022-36888
|
JENKINS:SECURITY-2593 | Missing permission checks in `hashicorp-vault-plugin` allow capturing credentials | medium |
2022-07-27T00:00:00
(2 years ago) |
|
Affected | <= 360.v0a_1c04cf807d |
CVE-2023-33001
|
JENKINS:SECURITY-3077 | Improper masking of credentials in `hashicorp-vault-plugin` | medium |
2023-05-16T00:00:00
(16 months ago) |