Openid Connect Authentication

1 CVEs product

Monthly

CVE-2025-24399 HIGH PATCH This Month

Jenkins OpenId Connect Authentication Plugin 4.452.v2849b_d3945fa_ and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as case-insensitive, allowing attackers on Jenkins instances. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable with low attack complexity. No vendor patch available.

Privilege Escalation Jenkins Openid Connect Authentication
NVD
CVSS 3.1: 8.8
EPSS: 0.4%
