Package impact
Maven / org.jenkins-ci.plugins:azure-ad
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42525 | medium | 4.3 | 4.3 | 1mo ago | Jenkins Microsoft Entra ID (previously Azure AD) Plugin has an open redirect vulnerability | |||
| CVE-2023-41935 | unknown | — | — | 3y ago | Non-constant time nonce comparison in Jenkins Microsoft Entra ID (previously Azure AD) Plugin | |||
| CVE-2023-24426 | unknown | — | — | 3y ago | Insufficient Session Expiration in Jenkins Azure AD Plugin | |||
| CVE-2021-21679 | unknown | — | — | 4y ago | Jenkins Azure AD Plugin allows bypassing CSRF protection for any URL | |||
| CVE-2020-2119 | unknown | — | — | 4y ago | Client secret transmitted in plain text by Azure AD Plugin | |||
| CVE-2019-10318 | unknown | — | — | 4y ago | Jenkins Azure AD Plugin stored the client secret unencrypted |