exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2022-25186

почти 4 года назад

Jenkins HashiCorp Vault Plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent, allowing attackers able to control agent processes to obtain Vault secrets for an attacker-specified path and key.

CVSS3: 6.5

EPSS: Низкий

GHSA-fm6q-97gw-c4wh

почти 4 года назад

Agent-to-controller security bypass in Jenkins HashiCorp Vault Plugin

CVSS3: 3.1

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2022-25186 Jenkins HashiCorp Vault Plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent, allowing attackers able to control agent processes to obtain Vault secrets for an attacker-specified path and key.	CVSS3: 6.5	0% Низкий	почти 4 года назад
	GHSA-fm6q-97gw-c4wh Agent-to-controller security bypass in Jenkins HashiCorp Vault Plugin	CVSS3: 3.1	0% Низкий	почти 4 года назад

Уязвимостей на страницу