PT-2025-45734 — Maven Org.Jenkins-Ci.Plugins:Saml

PT-2025-45734 · Maven · Org.Jenkins-Ci.Plugins:Saml

Published

2025-10-29

Updated

2025-10-29

CVSS v3.1

7.5

High

Vector

AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Jenkins SAML Plugin 4.583.vc68232f7018a and earlier does not implement a replay cache.

This allows attackers able to obtain information about the SAML authentication flow between a user’s web browser and Jenkins to replay those requests, authenticating to Jenkins as that user.

SAML Plugin 4.583.585.v22ccc1139f55 implements a replay cache that rejects replayed requests.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-294

Related Identifiers

GHSA-J7R7-7QMF-XQ87

Affected Products

Org.Jenkins-Ci.Plugins:Saml