Jenkins Openid Connect Provider
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Jenkins Openid Connect Provider.
By the Year
In 2025 there have been 1 vulnerability in Jenkins Openid Connect Provider.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 1 | 0.00 |
It may take a day or so for new Openid Connect Provider vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Openid Connect Provider Security Vulnerabilities
Jenkins OCPI Plugin ID Token Impersonation via Env Vars
CVE-2025-47884
- May 14, 2025
In Jenkins OpenID Connect Provider Plugin 96.vee8ed882ec4d and earlier the generation of build ID Tokens uses potentially overridden values of environment variables, in conjunction with certain other plugins allowing attackers able to configure jobs to craft a build ID Token that impersonates a trusted job, potentially gaining unauthorized access to external services.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Openid Connect Provider or by Jenkins? Click the Watch button to subscribe.
