exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2025-24399

около 1 года назад

Jenkins OpenId Connect Authentication Plugin 4.452.v2849b_d3945fa_ and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as case-insensitive, allowing attackers on Jenkins instances configured with a case-sensitive OpenID Connect provider to log in as any user by providing a username that differs only in letter case, potentially gaining administrator access to Jenkins.

CVSS3: 8.8

EPSS: Низкий

GHSA-q9cm-88jx-3vfw

около 1 года назад

Improper handling of case sensitivity in Jenkins OpenId Connect Authentication Plugin

CVSS3: 8.8

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2025-24399 Jenkins OpenId Connect Authentication Plugin 4.452.v2849b_d3945fa_ and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as case-insensitive, allowing attackers on Jenkins instances configured with a case-sensitive OpenID Connect provider to log in as any user by providing a username that differs only in letter case, potentially gaining administrator access to Jenkins.	CVSS3: 8.8	0% Низкий	около 1 года назад
	GHSA-q9cm-88jx-3vfw Improper handling of case sensitivity in Jenkins OpenId Connect Authentication Plugin	CVSS3: 8.8	0% Низкий	около 1 года назад

Уязвимостей на страницу