CNNVD-202510-4015 Information

CNNVD ID

CNNVD-202510-4015

CVE-2025-64131

  • CNNVD Published: 2025-10-29

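Description (translated from Chinese)

Jenkins SAML Plugin is an open-source single sign-on plugin from Jenkins. Jenkins SAML Plugin 4.583.vc68232f7018a_ and earlier versions have a security vulnerability. It stems from a replay cache not being implemented, and may allow an attacker to authenticate by replaying a SAML authentication request.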

Description (English)

Jenkins SAML Plugin is an open-source single sign-on plugin for Jenkins. Jenkins SAML Plugin 4.583.vc68232f7018a and previous versions contain a security vulnerability stemming from a replay cache not being implemented, which could allow an attacker to authenticate by replaying a SAML authentication request.

Hazard Level

Medium

Vulnerability Type

Other

Affected Vendor

Jenkins

Published

2025-10-29

Last Modified

2026-02-24

References

https://www.jenkins.io/security/advisory/2025-10-29/#SECURITY-3613
https://access.redhat.com/security/cve/cve-2025-64131

Patch

https://www.jenkins.io/security/advisory/2025-10-29/#SECURITY-3613
