pkg:Maven/org.jenkins-ci.plugins:azure-ad

6 total CVEsHIGH3MEDIUM1LOW2

✅ Check your installed version

All known vulnerabilities

  • HIGH8.8CVE-2023-24426Insufficient Session Expiration in Jenkins Azure AD Plugin
    from 0, <= 303.va
  • HIGH8.8CVE-2021-21679Jenkins Azure AD Plugin allows bypassing CSRF protection for any URL
    from 0, < 180.v8b1e80e6f242
  • HIGH7.5CVE-2023-41935Non-constant time nonce comparison in Jenkins Microsoft Entra ID (previously Azure AD) Plugin
    >= 378.380.v545b, < 397.v907382dd9b
  • MEDIUM4.3CVE-2026-42525Jenkins Microsoft Entra ID (previously Azure AD) Plugin has an open redirect vulnerability
    from 0, < 667.v4c5827a
  • LOW3.3CVE-2019-10318Jenkins Azure AD Plugin stored the client secret unencrypted
    from 0, < 0.3.4
  • LOW3.1CVE-2020-2119Client secret transmitted in plain text by Azure AD Plugin
    from 0, < 1.2.0