CVE-2022-23116

Summary

Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Conjur Secrets Pluginunspecified <= 1.0.9affected
Jenkins projectJenkins Conjur Secrets Pluginnext of 1.0.9 < unspecifiedunknown

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References