org.jenkins-ci.plugins:azure-ad (>=378.380.v545b_1154b_3fb_ <=457.vf85d61f83b_26), org.openshift.jenkins:openshift-login (>=1.1.0.227.v27e08dfb_1a_20 <=1.1.0.248.v1908df5c4f5e) potentially affected by CVE-2026-42521 via org.jenkins-ci.plugins:matrix-auth (>=3.1.10 <=3.2.1)

org.jenkins-ci.plugins:matrix-auth MAVEN version =3.1.10, =378.380.v545b1154b3fb, =1.1.0.227.v27e08dfb1a20, =1.1.0.248.v1908df5c4f5e Source cves: CVE-2026-42521 Source advisory: OSV:GHSA-JP9R-MMHW-VFF3...

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0776)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0776 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

Jenkins: Open redirect vulnerability in OpenShift Login Plugin

A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to conduct phishing attacks caused by an open redirect vulnerability. An attacker can use a specially crafted URL to redirect a victim to arbitrary web sites...

Jenkins: Open redirect vulnerability in OpenShift Login Plugin

A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to conduct phishing attacks caused by an open redirect vulnerability. An attacker can use a specially crafted URL to redirect a victim to arbitrary web sites...

Important: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Jenkins: Session fixation vulnerability in OpenShift Login Plugin

A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to bypass security restrictions caused by not invalidating the existing session on login. By persuading a victim to visit a specially crafted Web site, an attacker can gain...

The vulnerability of the Jenkins OpenShift Login plugin, related to improper session management, allows attackers to bypass security restrictions.

The vulnerability of the Jenkins OpenShift Login plugin is related to improper session management. Exploiting this vulnerability allows a malicious actor to bypass security restrictions from a remote location...

CVE-2023-37946

A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to bypass security restrictions caused by not invalidating the existing session on login. By persuading a victim to visit a specially crafted Web site, an attacker can gain...

com.joelj.jenkins:ez-templates (=1.0.5), com.synopsys.jenkinsci:ownership (>=0.9.0 <=0.13.0) +12 more potentially affected by CVE-2021-21623 via org.jenkins-ci.plugins:matrix-auth (>=1.0 <=1.7)

org.jenkins-ci.plugins:matrix-auth MAVEN version =1.0, =0.9.0, =0.34, =1.535, =1.645, =0.1.1, =1.0, =2.4.0, =1.0-beta.2, =1.0, =2.0.0, =0.1, =1.0.21 Source cves: CVE-2021-21623 Source advisory: OSV:GHSA-96JW-3XW4-MQ9P...

com.joelj.jenkins:ez-templates (=1.0.5), com.synopsys.jenkinsci:ownership (>=0.9.0 <=0.13.0) +12 more potentially affected by CVE-2020-2226 via org.jenkins-ci.plugins:matrix-auth (>=1.0 <=1.7)

org.jenkins-ci.plugins:matrix-auth MAVEN version =1.0, =0.9.0, =0.34, =1.535, =1.645, =0.1.1, =1.0, =2.4.0, =1.0-beta.2, =1.0, =2.0.0, =0.1, =1.0.21 Source cves: CVE-2020-2226 Source advisory: OSV:GHSA-VR6V-WJFW-RXCR...