CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Hashicorp Vault >> 354.vdb_858fd6b_f48 Security Vulnerabilities

CVE-2025-67642

Jenkins HashiCorp Vault Plugin 371.v884a_4dd60fb_6 and earlier does not set the appropriate context for Vault credentials lookup, allowing attackers with Item/Configure permission to access and potentially capture Vault credentials they are not entitled to.

CVSS Score

4.3

EPSS Score

0.001

Published

2025-12-10

CVE-2022-36888

A missing permission check in Jenkins HashiCorp Vault Plugin 354.vdb_858fd6b_f48 and earlier allows attackers with Overall/Read permission to obtain credentials stored in Vault with attacker-specified path and keys.

CVSS Score

6.5

EPSS Score

0.004

Published

2022-07-27

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Hashicorp Vault >> 354.vdb_858fd6b_f48 Security Vulnerabilities

Products

Pricing

Contact Us