Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/16 9:20 p.m.23 views

CVE-2025-47884

In Jenkins OpenID Connect Provider Plugin 96.vee8ed882ec4d and earlier the generation of build ID Tokens uses potentially overridden values of environment variables, in conjunction with certain other plugins allowing attackers able to configure jobs to craft a build ID Token that impersonates a...

9.1CVSS6.7AI score0.00609EPSS
Exploits0References1
OSV
OSV
added 2025/05/14 9:31 p.m.6 views

GHSA-Q7C3-X7HM-QQ72 Jenkins OpenID Connect Provider Plugin Incorrectly Validates Crafted Build ID Tokens

In Jenkins OpenID Connect Provider Plugin 96.vee8ed882ec4d and earlier the generation of build ID Tokens uses potentially overridden values of environment variables, in conjunction with certain other plugins allowing attackers able to configure jobs to craft a build ID Token that impersonates a...

9.1CVSS6.5AI score0.00609EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/05/14 8:35 p.m.7 views

CVE-2025-47884

In Jenkins OpenID Connect Provider Plugin 96.vee8ed882ec4d and earlier the generation of build ID Tokens uses potentially overridden values of environment variables, in conjunction with certain other plugins allowing attackers able to configure jobs to craft a build ID Token that impersonates a...

6.7AI score0.00609EPSS
Exploits0References1
CVE
CVE
added 2025/05/14 8:35 p.m.65 views

CVE-2025-47884

CVE-2025-47884 affects Jenkins OpenID Connect Provider Plugin versions 96.vee8ed882ec4d and earlier. The issue arises from build ID Token generation using potentially overridden environment variable values, which, when combined with other plugins that allow environment variable overrides, enables...

9.1CVSS7AI score0.00609EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder