GHSA-939x-6mwj-96r2

Source

https://github.com/advisories/GHSA-939x-6mwj-96r2

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/01/GHSA-939x-6mwj-96r2/GHSA-939x-6mwj-96r2.json

Aliases

CVE-2023-24426

Published

2023-01-26T21:30:18Z

Modified

2023-11-08T04:11:44.798273Z

Details

Jenkins Azure AD Plugin 303.va_91ef20ee49f and earlier does not invalidate the previous session on login.

References

Affected packages

Maven / org.jenkins-ci.plugins:azure-ad

Package

Name: org.jenkins-ci.plugins:azure-ad

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Last affected

303.va

Affected versions

0.*

0.1.1

0.1.1-1

0.2.0

0.3.0

0.3.1

0.3.2

0.3.3

0.3.4

1.*

1.0.0

1.1.0

1.1.1

1.1.2

1.2.0

1.2.1

1.2.2

1.2.3

146.*

146.vb688d1511c38

150.*

150.vb3db9f880321

152.*

152.v1609ed460604

153.*

153.v7af57b288088

154.*

154.v12e17a5f9ea3

155.*

155.v745ce80af7ea

157.*

157.v2d3d5782a602

158.*

158.v437429002c6b

164.*

164.v5b48baa961d2

165.*

165.v36344b7d7ca7

167.*

167.v34c2c5a3a030

168.*

168.ve6e7e368dbf6

170.*

170.v0a6219442a99

171.*

171.v9ef20c94d336

172.*

172.vf6a517c3329a

173.*

173.v0a210fffb510

174.*

174.vc2d906355813

175.*

175.v5513346d764a

177.*

177.v80b6c1591bf9

178.*

178.v7b93892fbe4c

179.*

179.vf6841393099e

180.*

180.v8b1e80e6f242

183.*

183.vf8c6fa4c6567

184.*

184.v44f04b65bdd5

185.*

185.v3b416408dcb1

188.*

188.v2369adb95a31

189.*

189.v2da14dccdb43

190.*

190.v872b1977148a

191.*

191.vfc8019068670

194.*

194.v70a6d5203ce4

195.*

195.v8555a0bf0d22

213.*

213.v5b_00db_295f49

218.*

218.v90f6a_980b_a_61

233.*

233.v934e074916c7

234.*

234.vb_ece34ecd5ff

241.*

241.vb_e5cd7c35b_2e

267.*

267.v5b_dfb_514d9fd