Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Jenkins Subscribe
Filtered by product Keycloak Authentication
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-24456 1 Jenkins 1 Keycloak Authentication 2023-02-02 N/A 9.8 CRITICAL
Jenkins Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the previous session on login.
CVE-2023-24457 1 Jenkins 1 Keycloak Authentication 2023-02-02 N/A 6.5 MEDIUM
A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account.