GHSA-939x-6mwj-96r2
Suggest an improvement- Source
- https://github.com/advisories/GHSA-939x-6mwj-96r2
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/01/GHSA-939x-6mwj-96r2/GHSA-939x-6mwj-96r2.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-939x-6mwj-96r2
- Aliases
- Published
- 2023-01-26T21:30:18Z
- Modified
- 2023-11-08T04:11:44.798273Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Insufficient Session Expiration in Jenkins Azure AD Plugin
- Details
-
Jenkins Azure AD Plugin 303.va_91ef20ee49f and earlier does not invalidate the previous session on login.
- Database specific
{ "nvd_published_at": "2023-01-26T21:18:00Z", "github_reviewed_at": "2023-02-04T00:30:33Z", "severity": "HIGH", "github_reviewed": true, "cwe_ids": [ "CWE-613" ] }- References
Affected packages
Maven / org.jenkins-ci.plugins:azure-ad
Package
- Name
- org.jenkins-ci.plugins:azure-ad
- View open source insights on deps.dev
- Purl
- pkg:maven/org.jenkins-ci.plugins/azure-ad
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedLast affected303.va
Affected versions
0.*
0.1.1
0.1.1-1
0.2.0
0.3.0
0.3.1
0.3.2
0.3.3
0.3.4
1.*
1.0.0
1.1.0
1.1.1
1.1.2
1.2.0
1.2.1
1.2.2
1.2.3
146.*
146.vb688d1511c38
150.*
150.vb3db9f880321
152.*
152.v1609ed460604
153.*
153.v7af57b288088
154.*
154.v12e17a5f9ea3
155.*
155.v745ce80af7ea
157.*
157.v2d3d5782a602
158.*
158.v437429002c6b
164.*
164.v5b48baa961d2
165.*
165.v36344b7d7ca7
167.*
167.v34c2c5a3a030
168.*
168.ve6e7e368dbf6
170.*
170.v0a6219442a99
171.*
171.v9ef20c94d336
172.*
172.vf6a517c3329a
173.*
173.v0a210fffb510
174.*
174.vc2d906355813
175.*
175.v5513346d764a
177.*
177.v80b6c1591bf9
178.*
178.v7b93892fbe4c
179.*
179.vf6841393099e
180.*
180.v8b1e80e6f242
183.*
183.vf8c6fa4c6567
184.*
184.v44f04b65bdd5
185.*
185.v3b416408dcb1
188.*
188.v2369adb95a31
189.*
189.v2da14dccdb43
190.*
190.v872b1977148a
191.*
191.vfc8019068670
194.*
194.v70a6d5203ce4
195.*
195.v8555a0bf0d22
213.*
213.v5b_00db_295f49
218.*
218.v90f6a_980b_a_61
233.*
233.v934e074916c7
234.*
234.vb_ece34ecd5ff
241.*
241.vb_e5cd7c35b_2e
267.*
267.v5b_dfb_514d9fd