Azure Key Vault

azure_key_vault

Vendor: Jenkins • 2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-30514 1Jenkins 1Azure Key Vault Feb 7, 2025 Apr 12, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Jenkins Azure Key Vault Plugin 187.va_cd5fecd198a_ and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.
CVE-2020-2313 1Jenkins 1Azure Key Vault Nov 21, 2024 Nov 4, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 A missing permission check in Jenkins Azure Key Vault Plugin 2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.