Vulnerability Monitor

Type: Primary CWE-384
Type: Secondary CWE-384

The vendors, products, and vulnerabilities you care about

CVE-2023-24424

Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login.

2023-01-26T21:18:16.773

2025-04-02T15:15:54.637

Modified

CVSSv3.1: 8.8 (HIGH)

Type	Vendor	Product	Version/Range	Vulnerable?
Application	jenkins	openid_connect_authentication	< 2.5	Yes