CAS Plugin

Source repositories

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2023-32997	Jenkins Project Jenkins Matlab Plugin		0.00	—	0.01		May 16, 2023	Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login.
CVE-2018-1000188	Jenkins Project CAS Plugin		0.00	—	0.00		Jun 5, 2018	A server-side request forgery vulnerability exists in Jenkins CAS Plugin 1.4.1 and older in CasSecurityRealm.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.

CVE-2023-32997May 16, 2023
Jenkins Project
Jenkins Matlab Plugin
risk 0.00cvss —epss 0.01
Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login.
CVE-2018-1000188Jun 5, 2018
Jenkins Project
CAS Plugin
risk 0.00cvss —epss 0.00
A server-side request forgery vulnerability exists in Jenkins CAS Plugin 1.4.1 and older in CasSecurityRealm.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.