pkg:Maven/org.jenkins-ci.plugins:oic-auth

All known vulnerabilities

• HIGH8.8CVE-2025-24399Improper handling of case sensitivity in Jenkins OpenId Connect Authentication Plugin
  from 0, < 4.453.v4d7765c854f4
• HIGH8.8CVE-2024-52553Session fixation vulnerability in Jenkins OpenId Connect Authentication Plugin
  from 0, < 4.421.v5422614eb
• HIGH8.8CVE-2023-24424Session fixation vulnerability in Jenkins OpenId Connect Authentication Plugin
  from 0, < 2.5
• HIGH8.1Jenkins OpenId Connect Authentication Plugin lacks audience claim validation
  from 0, < 4.355.v3a
• HIGH8.1Jenkins OpenId Connect Authentication Plugin lacks issuer claim validation
  from 0, < 4.355.v3a
• MEDIUM6.7Password stored in a recoverable format by Jenkins OpenId Connect Authentication Plugin
  from 0, < 4.229.vf736b
• MEDIUM6.1Open redirect vulnerability in Jenkins OpenId Connect Authentication Plugin
  from 0, < 3.0
• MEDIUM4.3Jenkins OpenId Connect Authentication Plugin showed plain text client secret in configuration form
  from 0, < 1.5