Jenkins · Jenkins SAML Plugin · CVE-2025-64131
**Name of the Vulnerable Software and Affected Versions**
Jenkins SAML Plugin versions 4.583.vc68232f7018a and earlier
**Description**
The Jenkins SAML Plugin does not implement a replay cache, so it does not remember which SAML assertions it has already accepted. An attacker who can capture the SAML authentication messages exchanged between a user’s web browser and Jenkins (for example, the SAML response the identity provider returns to Jenkins) can submit them again and potentially authenticate to Jenkins as that user, because a still-valid assertion is accepted a second time. The issue is the re-use of legitimately issued authentication tokens; the attacker does not need to forge or modify them.
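The following is an added example of the control the advisory says is missing: a replay cache that records the `ID` of every consumed SAML assertion until its `NotOnOrAfter` has passed and rejects a second presentation of the same ID. It is not the Jenkins SAML Plugin's code; the class and function names, the clock-skew value and the sample assertion are assumptions made here for illustration.

```python
# Added example: a SAML assertion replay cache. Not the Jenkins SAML Plugin's
# code; all names and the sample assertion below are hypothetical.
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

SAML = "urn:oasis:names:tc:SAML:2.0:assertion"


class ReplayError(Exception):
    """Raised when an assertion is expired or has already been consumed."""


class AssertionReplayCache:
    """Remembers consumed assertion IDs until their NotOnOrAfter has passed.

    Entries must live at least as long as the assertion could still be
    accepted; evicting them earlier would let a late replay through.
    """

    def __init__(self, clock_skew=60):
        self.clock_skew = clock_skew  # seconds of tolerated IdP/SP clock drift
        self._seen = {}               # assertion ID -> NotOnOrAfter (epoch secs)

    def _evict(self, now):
        # Drop IDs whose assertion could no longer be accepted anyway.
        for aid, expiry in list(self._seen.items()):
            if expiry + self.clock_skew < now:
                del self._seen[aid]

    def check_and_record(self, assertion_id, not_on_or_after, now):
        self._evict(now)
        if now > not_on_or_after + self.clock_skew:
            raise ReplayError(f"assertion {assertion_id} expired")
        if assertion_id in self._seen:
            raise ReplayError(f"assertion {assertion_id} already consumed")
        self._seen[assertion_id] = not_on_or_after


def parse_assertion(xml_text):
    """Return (assertion ID, NotOnOrAfter as epoch seconds, subject NameID)."""
    root = ET.fromstring(xml_text.strip())
    tag = f"{{{SAML}}}Assertion"
    assertion = root if root.tag == tag else root.find(f".//{tag}")
    if assertion is None:
        raise ValueError("no Assertion element")
    conditions = assertion.find(f"{{{SAML}}}Conditions")
    expiry = datetime.strptime(conditions.attrib["NotOnOrAfter"], "%Y-%m-%dT%H:%M:%SZ")
    expiry_ts = expiry.replace(tzinfo=timezone.utc).timestamp()
    name_id = assertion.find(f"{{{SAML}}}Subject/{{{SAML}}}NameID").text
    return assertion.attrib["ID"], expiry_ts, name_id


def consume_assertion(cache, xml_text, now):
    """Accept an assertion once; presenting the same ID again raises.

    Signature, audience and InResponseTo checks are assumed to have passed
    before this point; the replay cache complements them, it does not
    replace them.
    """
    assertion_id, expiry_ts, name_id = parse_assertion(xml_text)
    cache.check_and_record(assertion_id, expiry_ts, now)
    return name_id


# Constructed sample assertion (not a real capture); the signature is omitted.
SAMPLE_ASSERTION = f"""
<saml:Assertion xmlns:saml="{SAML}" ID="_a1b2c3" Version="2.0"
                IssueInstant="2025-01-01T12:00:00Z">
  <saml:Issuer>https://idp.example.test</saml:Issuer>
  <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
  <saml:Conditions NotBefore="2025-01-01T12:00:00Z"
                   NotOnOrAfter="2025-01-01T12:05:00Z"/>
</saml:Assertion>
"""

# Fixed "now" (12:01:00Z on the same day) so the demo is reproducible.
DEMO_NOW = datetime(2025, 1, 1, 12, 1, tzinfo=timezone.utc).timestamp()


def demo():
    """First presentation is accepted; the replay 30 s later is rejected."""
    cache = AssertionReplayCache()
    first = consume_assertion(cache, SAMPLE_ASSERTION, DEMO_NOW)
    try:
        consume_assertion(cache, SAMPLE_ASSERTION, DEMO_NOW + 30)
        replay_blocked = False
    except ReplayError:
        replay_blocked = True
    return first, replay_blocked


if __name__ == "__main__":
    print(demo())  # ('alice', True)
```

Two practical caveats for any real deployment of such a cache: it has to be shared by every node that can consume assertions (an in-memory map on one instance does not protect a clustered or restarted service), and it only closes the replay window; the assertion's signature, audience and the `InResponseTo` binding to the original request still have to be verified first.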
**Recommendations**
Update Jenkins SAML Plugin to a version later than 4.583.vc68232f7018a.