Skip to main content

Openshift Login

2 CVEs product

Monthly

CVE-2023-37947 Maven MEDIUM PATCH This Month

Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Open Redirect Openshift Login
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-37946 Maven HIGH PATCH This Week

Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier does not invalidate the previous session on login. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Session Fixation Information Disclosure Openshift Login
NVD
CVSS 3.1
8.8
EPSS
0.8%
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Open Redirect Openshift Login
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier does not invalidate the previous session on login. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Session Fixation Information Disclosure +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy