CVE-2022-25196 — Open redirect vulnerability in Jenkins GitLab Authentication Plugin

Description

Jenkins GitLab Authentication Plugin 1.13 and earlier records the HTTP `Referer` header as part of the URL query parameters when the authentication process starts, allowing attackers with access to Jenkins to craft a URL that will redirect users to an attacker-specified URL after logging in. This issue is caused by an incomplete fix of [SECURITY-796](https://www.jenkins.io/security/advisory/2019-08-07/#SECURITY-796).

How to fix CVE-2022-25196

No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.

—no fix listed

Is CVE-2022-25196 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

from 0, <= 1.13

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

References (5)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2022-25196
PATCHgithub.com/jenkinsci/gitlab-oauth-plugin
WEBwww.jenkins.io/security/advisory/2019-08-07/#SECURITY-796
WEBwww.jenkins.io/security/advisory/2022-02-15/#SECURITY-1833