Filtered by vendor Jenkins
Subscriptions
Filtered by product Saml
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-64131 | 1 Jenkins | 2 Jenkins, Saml | 2025-12-22 | 7.5 High |
| Jenkins SAML Plugin 4.583.vc68232f7018a_ and earlier does not implement a replay cache, allowing attackers able to obtain information about the SAML authentication flow between a user's web browser and Jenkins to replay those requests, authenticating to Jenkins as that user. | ||||
| CVE-2021-21678 | 1 Jenkins | 1 Saml | 2024-11-21 | 8.8 High |
| Jenkins SAML Plugin 2.0.7 and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins. | ||||
| CVE-2018-1000602 | 1 Jenkins | 1 Saml | 2024-11-21 | N/A |
| A session fixation vulnerability exists in Jenkins SAML Plugin 1.0.6 and earlier in SamlSecurityRealm.java that allows unauthorized attackers to impersonate another users if they can control the pre-authentication session. | ||||
Page 1 of 1.