Openid Connect Authentication@* Security Vulnerabilities and Issues — Openid Connect Authentication@* CVE List

Lucene search

JenkinsOpenid Connect Authentication*

2 matches found

CVE•added 2023/01/26 9:18 p.m.•62 views

CVE-2023-24424

Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login.

8.8CVSS8.6AI score0.00299EPSS

CVE•added 2023/12/13 6:15 p.m.•51 views

CVE-2023-50771

Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.

6.1CVSS6.2AI score0.00059EPSS