CVE-2024-52553

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-52553

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-52553.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-52553

Aliases

GHSA-h23j-73ww-7594

Published

2024-11-13T21:15:29Z

Modified

2025-05-17T14:23:53.258395Z

Summary

[none]

Details

Jenkins OpenId Connect Authentication Plugin 4.418.vccc7061f5b_6d and earlier does not invalidate the previous session on login.

References

https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3473

Affected packages

Git / github.com/jenkinsci/oic-auth-plugin

Affected ranges

Type: GIT
Repo: https://github.com/jenkinsci/oic-auth-plugin
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

5422614ebe0ade06fd07aaa2863499ad59946990

Affected versions

4.*

4.223.v503b_9a_75a_8a_f

4.224.v62720cfa_026e

4.225.v03326773b_44b_

4.227.v36610663f760

4.228.v0c3e8682ff1f

4.229.vf736b_fec02f4

4.236.v4124503b_a_f88

4.238.v0021f710b_b_f4

4.239.v325750a_96f3b_

4.250.v5a_d993226437

4.257.v5360e8489e8b_

4.269.va_7526f34f306

4.279.vca_c1e2fdd24b_

4.284.v0cc21de03d37

4.290.v6f5e8da_e98b_2

4.297.vcddb_d8a_e4694

4.299.v5ca_eb_6a_f3e6d

4.303.v84089a_708ea_7

4.320.v23537cb_a_b_5c6

4.324.vfd49d010926b_

4.329.v994d3f265d68

4.330.v6fdfc07513e3

4.331.vd925b_f76f3a_c

4.340.ve70636c6590e

4.346.v10401f543622

4.350.v347c3b_8b_9d95

4.354.v321ce67a_1de8

4.355.v3a_fb_fca_b_96d4

4.371.vc7c0c06e8a_f5

4.388.v4f73328eb_d2c

4.409.ve864b_f48b_0f3

4.411.v990b_9d36e74e

4.418.vccc7061f5b_6d

Other

oic-auth-1.*

oic-auth-1.0

oic-auth-1.1

oic-auth-1.2

oic-auth-1.3

oic-auth-1.4

oic-auth-1.5

oic-auth-1.6

oic-auth-1.7

oic-auth-1.8

oic-auth-2.*

oic-auth-2.0

oic-auth-2.1

oic-auth-2.2

oic-auth-2.3

oic-auth-2.4

oic-auth-2.5

oic-auth-2.6

oic-auth-3.*

oic-auth-3.0