Jenkins Saml
By the Year
In 2024 there have been 0 vulnerabilities in Jenkins Saml. Saml did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 1 | 8.80 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 1 | 5.90 |
It may take a day or so for new Saml vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Saml Security Vulnerabilities
Jenkins SAML Plugin 2.0.7 and earlier allows attackers to craft URLs
CVE-2021-21678
8.8 - High
- August 31, 2021
Jenkins SAML Plugin 2.0.7 and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.
Session Riding
A session fixation vulnerability exists in Jenkins SAML Plugin 1.0.6 and earlier in SamlSecurityRealm.java
CVE-2018-1000602
5.9 - Medium
- June 26, 2018
A session fixation vulnerability exists in Jenkins SAML Plugin 1.0.6 and earlier in SamlSecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session.
Session Fixation