org.jenkins-ci.plugins:azure-ad (>=378.380.v545b_1154b_3fb_ <=457.vf85d61f83b_26), org.openshift.jenkins:openshift-login (>=1.1.0.227.v27e08dfb_1a_20 <=1.1.0.248.v1908df5c4f5e) potentially affected by CVE-2026-42521 via org.jenkins-ci.plugins:matrix-auth (>=3.1.10 <=3.2.1)

org.jenkins-ci.plugins:matrix-auth MAVEN version =3.1.10, =378.380.v545b1154b3fb, =1.1.0.227.v27e08dfb1a20, =1.1.0.248.v1908df5c4f5e Source cves: CVE-2026-42521 Source advisory: OSV:GHSA-JP9R-MMHW-VFF3...

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0776)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0776 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

Jenkins: Open redirect vulnerability in OpenShift Login Plugin

A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to conduct phishing attacks caused by an open redirect vulnerability. An attacker can use a specially crafted URL to redirect a victim to arbitrary web sites...

Jenkins: Open redirect vulnerability in OpenShift Login Plugin

A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to conduct phishing attacks caused by an open redirect vulnerability. An attacker can use a specially crafted URL to redirect a victim to arbitrary web sites...

Important: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Jenkins: Session fixation vulnerability in OpenShift Login Plugin

A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to bypass security restrictions caused by not invalidating the existing session on login. By persuading a victim to visit a specially crafted Web site, an attacker can gain...

CVE-2023-37946

A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to bypass security restrictions caused by not invalidating the existing session on login. By persuading a victim to visit a specially crafted Web site, an attacker can gain...

com.joelj.jenkins:ez-templates (=1.0.5), com.synopsys.jenkinsci:ownership (>=0.9.0 <=0.13.0) +12 more potentially affected by CVE-2021-21623 via org.jenkins-ci.plugins:matrix-auth (>=1.0 <=1.7)

org.jenkins-ci.plugins:matrix-auth MAVEN version =1.0, =0.9.0, =0.34, =1.535, =1.645, =0.1.1, =1.0, =2.4.0, =1.0-beta.2, =1.0, =2.0.0, =0.1, =1.0.21 Source cves: CVE-2021-21623 Source advisory: OSV:GHSA-96JW-3XW4-MQ9P...

com.joelj.jenkins:ez-templates (=1.0.5), com.synopsys.jenkinsci:ownership (>=0.9.0 <=0.13.0) +12 more potentially affected by CVE-2020-2226 via org.jenkins-ci.plugins:matrix-auth (>=1.0 <=1.7)

org.jenkins-ci.plugins:matrix-auth MAVEN version =1.0, =0.9.0, =0.34, =1.535, =1.645, =0.1.1, =1.0, =2.4.0, =1.0-beta.2, =1.0, =2.0.0, =0.1, =1.0.21 Source cves: CVE-2020-2226 Source advisory: OSV:GHSA-VR6V-WJFW-RXCR...