Critical severityNVD Advisory· Published Jan 24, 2023· Updated Apr 2, 2025
CVE-2023-24456
CVE-2023-24456
Description
Jenkins Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the previous session on login.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:keycloakMaven | < 2.3.1 | 2.3.1 |
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
References
4News mentions
1- Jenkins Security Advisory 2023-01-24Jenkins Security Advisories · Jan 24, 2023