Jenkins - Gitlab Oauth CVE

Filtered by vendor Jenkins Subscriptions

Filtered by product Gitlab Oauth Subscriptions

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2019-10372	1 Jenkins	1 Gitlab Oauth	2023-10-25	6.1 Medium
An open redirect vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows attackers to redirect users to a URL outside Jenkins after successful login.
CVE-2019-10371	1 Jenkins	1 Gitlab Oauth	2023-10-25	7.5 High
A session fixation vulnerability in Jenkins Gitlab Authentication Plugin 1.4 and earlier in GitLabSecurityRealm.java allows unauthorized attackers to impersonate another user if they can control the pre-authentication session.

Page 1 of 1.