Openshift Login CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-37947	3 Jenkins, Jenkins Project, Redhat	3 Openshift Login, Jenkins Openshift Login Plugin, Ocp Tools	2024-11-21	6.1 Medium
Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.
CVE-2023-37946	3 Jenkins, Jenkins Project, Redhat	3 Openshift Login, Jenkins Openshift Login Plugin, Ocp Tools	2024-11-21	8.8 High
Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier does not invalidate the previous session on login.

Page 1 of 1.