Lucene search
JenkinsCVELIST:CVE-2023-37947HistoryJul 12, 2023 - 3:52 p.m.
CVE-2023-37947
2023-07-1215:52:49
jenkins
www.cve.org
2
cve-2023-37947
jenkins
openshift
login plugin
redirect url
phishing attacks
0.001 Low
EPSS
Percentile
19.4%
Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Jenkins OpenShift Login Plugin",
"vendor": "Jenkins Project",
"versions": [
{
"lessThanOrEqual": "1.1.0.227.v27e08dfb_1a_20",
"status": "affected",
"version": "0",
"versionType": "maven"
}
]
}
]Related
osv
osv
Jenkins OpenShift Login Plugin vulnerable to Open Redirect
2023-07-12 18:30:38
prion
prion
Design/Logic Flaw
2023-07-12 16:15:00
nvd
nvd
CVE-2023-37947
2023-07-12 16:15:13
github
github
Jenkins OpenShift Login Plugin vulnerable to Open Redirect
2023-07-12 18:30:38
redhatcve
redhatcve
CVE-2023-37947
2023-07-17 17:12:01
cve
cve
CVE-2023-37947
2023-07-12 16:15:13
redhat
redhat
(RHSA-2024:0777) Important: jenkins and jenkins-2-plugins security update
2024-02-12 10:20:42
(RHSA-2024:0778) Important: Jenkins and Jenkins-2-plugins security update
2024-02-12 10:30:15
nessus
nessus
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0777)
2024-04-28 00:00:00
RHEL 8 : Jenkins and Jenkins-2-plugins (RHSA-2024:0778)
2024-04-29 00:00:00