PT-2025-44280 · Jenkins · Jenkins Swamp Plugin

Denys Digtiar · Published 2025-10-29 · Updated 2025-12-22

CVE-2025-64131

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Jenkins SAML Plugin versions 4.583.vc68232f7018a and earlier

Description: The Jenkins SAML Plugin does not implement a replay cache. This allows attackers who can gather information about the SAML authentication process between a user's web browser and Jenkins to replay those requests, potentially authenticating to Jenkins as that user. The issue involves the re-use of valid authentication tokens to gain access to Jenkins environments.

Recommendations: Update Jenkins SAML Plugin to a version later than 4.583.vc68232f7018a.
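As an added illustration of the missing control (this is not the plugin's own code, and the class, function names and sample response are constructed for this example), a replay cache records each consumed assertion ID until its NotOnOrAfter time plus an allowed clock skew, so a captured response that is presented a second time is refused rather than turned into a session:

```python
import threading
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
class ReplayError(Exception): pass  # assertion replayed, or past its validity window

class AssertionReplayCache:
    """Remembers consumed assertion IDs until NotOnOrAfter plus allowed clock skew."""
    def __init__(self, clock, skew_seconds=60):
        self._seen = {}  # assertion ID -> epoch second after which it can be forgotten
        self._lock, self._clock, self._skew = threading.Lock(), clock, skew_seconds
    def consume(self, assertion_id, not_on_or_after):
        now, keep_until = self._clock(), not_on_or_after + self._skew
        with self._lock:
            # Forget IDs whose window has closed; a late assertion is rejected below anyway.
            self._seen = {a: t for a, t in self._seen.items() if t > now}
            if keep_until <= now:
                raise ReplayError("expired")
            if assertion_id in self._seen:
                raise ReplayError("replayed")
            self._seen[assertion_id] = keep_until  # record before the session is granted
        return True

def validate_assertion(cache, response_xml):
    """Consume the bearer assertion once; signature/issuer/audience checks assumed done."""
    assertion = ET.fromstring(response_xml).find(".//saml:Assertion", SAML_NS)
    scd = assertion.find(".//saml:SubjectConfirmationData", SAML_NS)
    expiry = datetime.fromisoformat(scd.attrib["NotOnOrAfter"].replace("Z", "+00:00"))
    return cache.consume(assertion.attrib["ID"], expiry.timestamp())

# Constructed sample response (minimal, unsigned) standing in for a captured one.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0">
  <saml:Assertion ID="_a1b2c3" Version="2.0" IssueInstant="2025-10-29T10:00:00Z">
    <saml:Subject><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
      <saml:SubjectConfirmationData NotOnOrAfter="2025-10-29T10:05:00Z"/>
    </saml:SubjectConfirmation></saml:Subject></saml:Assertion></samlp:Response>"""

def outcome(cache, response_xml):
    try:
        validate_assertion(cache, response_xml)
        return "accepted"
    except ReplayError as err:
        return str(err)
def present_twice(minutes_after_issue=1):
    """Present the same response twice at a fixed clock; the second try must be refused."""
    now = datetime(2025, 10, 29, 10, 0, tzinfo=timezone.utc) + timedelta(minutes=minutes_after_issue)
    cache = AssertionReplayCache(clock=lambda: now.timestamp())
    return [outcome(cache, SAMPLE_RESPONSE), outcome(cache, SAMPLE_RESPONSE)]
```

The cache must be shared across all nodes that accept SAML responses; a per-instance cache still lets a response captured on one node be replayed against another.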

Related Identifiers

CVE-2025-64131
GHSA-J7R7-7QMF-XQ87

Affected Products

Jenkins
Jenkins Swamp Plugin