Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Jenkins Project | Jenkins OpenShift Login Plugin | unaffected |
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| OCP-Tools-4.12-RHEL-8 | |||
| jenkins-2-plugins-0:4.12.1706515741-1.el8 | cpe:/a:redhat:ocp_tools:4.12::el8 | RHSA-2024:0778 | 2024-02-12T00:00:00Z |
| OCP-Tools-4.14-RHEL-8 | |||
| jenkins-2-plugins-0:4.14.1706516441-1.el8 | cpe:/a:redhat:ocp_tools:4.14::el8 | RHSA-2024:0777 | 2024-02-12T00:00:00Z |
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2023-1934 | Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks. |
 Github GHSA |
GHSA-35gf-xjgf-96c5 | Jenkins OpenShift Login Plugin vulnerable to Open Redirect |
Thu, 07 Nov 2024 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Jenkins Project
Jenkins Project jenkins Openshift Login Plugin |
|
| CPEs | cpe:2.3:a:jenkins_project:jenkins_openshift_login_plugin:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Jenkins Project
Jenkins Project jenkins Openshift Login Plugin |
|
| Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: jenkins
Published:
Updated: 2024-11-07T14:56:33.403Z
Reserved: 2023-07-11T09:47:04.493Z
Link: CVE-2023-37947
Vulnrichment
Updated: 2024-08-02T17:23:27.820Z
NVD
Status : Modified
Published: 2023-07-12T16:15:13.277
Modified: 2024-11-21T08:12:31.180
Link: CVE-2023-37947
Redhat
OpenCVE Enrichment
No data.