Jenkins Conjur Secrets
By the Year
In 2024 there have been 0 vulnerabilities in Jenkins Conjur Secrets . Conjur Secrets did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 3 | 6.43 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Conjur Secrets vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Conjur Secrets Security Vulnerabilities
A missing permission check in Jenkins Conjur Secrets Plugin 1.0.11 and earlier
CVE-2022-25190
4.3 - Medium
- February 15, 2022
A missing permission check in Jenkins Conjur Secrets Plugin 1.0.11 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
AuthZ
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality
CVE-2022-23116
7.5 - High
- January 12, 2022
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method.
Missing Encryption of Sensitive Data
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality
CVE-2022-23117
7.5 - High
- January 12, 2022
Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to retrieve all username/password credentials stored on the Jenkins controller.
Insufficiently Protected Credentials
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Conjur Secrets or by Jenkins? Click the Watch button to subscribe.
