Vulnerabilities > Jenkins > Openshift Login

DATE CVE VULNERABILITY TITLE RISK
2023-07-12 CVE-2023-37946 Session Fixation vulnerability in Jenkins Openshift Login
Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier does not invalidate the previous session on login.
network
low complexity
jenkins CWE-384
8.8
2023-07-12 CVE-2023-37947 Open Redirect vulnerability in Jenkins Openshift Login
Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.
network
low complexity
jenkins CWE-601
6.1