VYPR

Azure AD

by Jenkins Project

CVEs (3)

  • CVE-2026-42525MedApr 29, 2026
    risk 0.28cvss 4.3epss 0.00

    Jenkins Microsoft Entra ID (previously Azure AD) Plugin 666.v6060de32f87d and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks.

  • CVE-2021-42306Nov 24, 2021
    risk 0.01cvss epss 0.03

    An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential  on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a…

  • CVE-2021-33781Jul 14, 2021
    risk 0.01cvss epss 0.02

    Azure AD Security Feature Bypass Vulnerability