Jenkins Hashicorp_vault

6 CVEs affecting Jenkins Hashicorp_vault. Latest disclosed: 2025-12-10. Critical: 0, High: 1.

Top CVEs affecting Jenkins Hashicorp_vault
CVESeverityScorePublishedSummary
CVE-2023-33001High7.52023-05-16Jenkins HashiCorp Vault Plugin 360.v0a_1c04cf807d and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode…
CVE-2022-36888Medium6.52022-07-27A missing permission check in Jenkins HashiCorp Vault Plugin 354.vdb_858fd6b_f48 and earlier allows attackers with Overall/Read permission to obtain credential…
CVE-2022-25197Medium6.52022-02-15Jenkins HashiCorp Vault Plugin 336.v182c0fbaaeb7 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins contro…
CVE-2022-25186Medium6.52022-02-15Jenkins HashiCorp Vault Plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent, allow…
CVE-2022-23109Medium6.52022-01-12Jenkins HashiCorp Vault Plugin 3.7.0 and earlier does not mask Vault credentials in Pipeline build logs or in Pipeline step descriptions when Pipeline: Groovy…
CVE-2025-67642Medium4.32025-12-10Jenkins HashiCorp Vault Plugin 371.v884a_4dd60fb_6 and earlier does not set the appropriate context for Vault credentials lookup, allowing attackers with Item/…