Jenkins Azure Key Vault
By the Year
In 2023 there have been 1 vulnerability in Jenkins Azure Key Vault with an average score of 7.5 out of ten. Azure Key Vault did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2023 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 1 | 7.50 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 4.30 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Azure Key Vault vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Azure Key Vault Security Vulnerabilities
Jenkins Azure Key Vault Plugin 187.va_cd5fecd198a_ and earlier does not properly mask (i.e
CVE-2023-30514
7.5 - High
- April 12, 2023
Jenkins Azure Key Vault Plugin 187.va_cd5fecd198a_ and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.
Cleartext Transmission of Sensitive Information
A missing permission check in Jenkins Azure Key Vault Plugin 2.0 and earlier
CVE-2020-2313
4.3 - Medium
- November 04, 2020
A missing permission check in Jenkins Azure Key Vault Plugin 2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
AuthZ
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Azure Key Vault or by Jenkins? Click the Watch button to subscribe.
