CVE-2025-64131

Source
https://cve.org/CVERecord?id=CVE-2025-64131
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-64131.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-64131
Aliases
Published
2025-10-29T14:15:57.133Z
Modified
2026-04-12T18:47:06.271574Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
[none]
Details

Jenkins SAML Plugin 4.583.vc68232f7018a_ and earlier does not implement a replay cache, allowing attackers able to obtain information about the SAML authentication flow between a user's web browser and Jenkins to replay those requests, authenticating to Jenkins as that user.

References

Affected packages

Git / github.com/jenkinsci/saml-plugin

Affected ranges

Type
GIT
Repo
https://github.com/jenkinsci/saml-plugin
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.583.585.v22ccc1139f55"
        }
    ]
}

Affected versions

2.*
2.1.1-275.va_5718591a_999
2.291.vd3f2cd6d1c3e
2.295.vb_3b_1ea_96e7d7
2.296.v0016349946db_
2.297.v1a_dff8e51f90
2.298.vc7a_2b_3958628
2.333.vc81e525974a_c
3.*
3.343.vb_63a_6c3df23c
4.*
4.352.vb_722786ea_79d
4.354.vdc8c005cda_34
4.361.v79b_c2d76d2b_b
4.363.v6cc620b_d37a_2
4.364.veddefb_8dc0ea
4.365.v56110e68e1b_8
4.367.v4f342c34459a
4.369.v13507586ef8c
4.372.v89f13e4c9e97
4.385.v4dea_91565e9d
4.403.v423b_3195a_9ec
4.418.vdfa_7489a_b_a_2d
4.429.v9a_781a_61f1da_
4.464.vea_cb_75d7f5e0
4.485.v99810fb_34d77
4.487.v9f1c3328f1c0
4.496.v56a_6423dca_35
4.501.v4313a_01e3a_18
4.511.vef666858a_167
4.514.vfd5088cc4ed7
4.519.v3927f2f0e020
4.525.v4f6a_7209447e
4.544.v264eea_ed3eed
4.568.v78a_9a_db_8dc9b_
4.569.vcff838e19ed1
4.580.v4cb_5b_9ec2cc2
4.582.v79858eef4044
4.583.vc68232f7018a_
saml-0.*
saml-0.1
saml-0.10
saml-0.11
saml-0.12
saml-0.13
saml-0.14
saml-0.2
saml-0.3
saml-0.6
saml-0.7
saml-0.8
saml-0.9
saml-1.*
saml-1.0.0
saml-1.0.1
saml-1.0.2
saml-1.0.3
saml-1.0.4
saml-1.0.5
saml-1.0.6
saml-1.0.7
saml-1.0.8
saml-1.0.9
saml-1.1.0
saml-1.1.2
saml-1.1.3
saml-1.1.4
saml-1.1.5
saml-1.1.6
saml-1.1.7
saml-2.*
saml-2.0.0
saml-2.0.1
saml-2.0.2
saml-2.0.3
saml-2.0.5
saml-2.0.6
saml-2.0.7
saml-2.0.9
saml-2.1.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-64131.json"
vanir_signatures_modified
"2026-04-12T18:47:06Z"
vanir_signatures
[
    {
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "42755064531118465426564400892256902492",
                "293911180055994235000438795423555003819",
                "290199120084696097362071104175020502145",
                "158641622454782274848612402179282387666"
            ]
        },
        "source": "https://github.com/jenkinsci/saml-plugin/commit/22ccc1139f558654ec39648feadaf03673bfc884",
        "id": "CVE-2025-64131-bc2c394e",
        "signature_type": "Line",
        "target": {
            "file": "src/main/java/org/jenkinsci/plugins/saml/OpenSAMLWrapper.java"
        }
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "length": 2244.0,
            "function_hash": "224149829167823732056140822233698689538"
        },
        "source": "https://github.com/jenkinsci/saml-plugin/commit/22ccc1139f558654ec39648feadaf03673bfc884",
        "id": "CVE-2025-64131-fd6e3db5",
        "signature_type": "Function",
        "target": {
            "function": "createSAML2Client",
            "file": "src/main/java/org/jenkinsci/plugins/saml/OpenSAMLWrapper.java"
        }
    }
]