{"id":"CVE-2025-64131","details":"Jenkins SAML Plugin 4.583.vc68232f7018a_ and earlier does not implement a replay cache, allowing attackers able to obtain information about the SAML authentication flow between a user's web browser and Jenkins to replay those requests, authenticating to Jenkins as that user.","aliases":["GHSA-j7r7-7qmf-xq87"],"modified":"2026-04-12T18:47:06.271574Z","published":"2025-10-29T14:15:57.133Z","references":[{"type":"ADVISORY","url":"https://www.jenkins.io/security/advisory/2025-10-29/#SECURITY-3613"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2025/10/29/2"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/jenkinsci/saml-plugin","events":[{"introduced":"0"},{"fixed":"22ccc1139f558654ec39648feadaf03673bfc884"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.583.585.v22ccc1139f55"}]}}],"versions":["2.1.1-275.va_5718591a_999","2.291.vd3f2cd6d1c3e","2.295.vb_3b_1ea_96e7d7","2.296.v0016349946db_","2.297.v1a_dff8e51f90","2.298.vc7a_2b_3958628","2.333.vc81e525974a_c","3.343.vb_63a_6c3df23c","4.352.vb_722786ea_79d","4.354.vdc8c005cda_34","4.361.v79b_c2d76d2b_b","4.363.v6cc620b_d37a_2","4.364.veddefb_8dc0ea","4.365.v56110e68e1b_8","4.367.v4f342c34459a","4.369.v13507586ef8c","4.372.v89f13e4c9e97","4.385.v4dea_91565e9d","4.403.v423b_3195a_9ec","4.418.vdfa_7489a_b_a_2d","4.429.v9a_781a_61f1da_","4.464.vea_cb_75d7f5e0","4.485.v99810fb_34d77","4.487.v9f1c3328f1c0","4.496.v56a_6423dca_35","4.501.v4313a_01e3a_18","4.511.vef666858a_167","4.514.vfd5088cc4ed7","4.519.v3927f2f0e020","4.525.v4f6a_7209447e","4.544.v264eea_ed3eed","4.568.v78a_9a_db_8dc9b_","4.569.vcff838e19ed1","4.580.v4cb_5b_9ec2cc2","4.582.v79858eef4044","4.583.vc68232f7018a_","saml-0.1","saml-0.10","saml-0.11","saml-0.12","saml-0.13","saml-0.14","saml-0.2","saml-0.3","saml-0.6","saml-0.7","saml-0.8","saml-0.9","saml-1.0.0","saml-1.0.1","saml-1.0.2","saml-1.0.3","saml-1.0.4","saml-1.0.5","saml-1.0.6","saml-1.0.7","saml-1.0.8","saml-1.0.9","saml-1.1.0","saml-1.1.2","saml-1.1.3","saml-1.1.4","saml-1.1.5","saml-1.1.6","saml-1.1.7","saml-2.0.0","saml-2.0.1","saml-2.0.2","saml-2.0.3","saml-2.0.5","saml-2.0.6","saml-2.0.7","saml-2.0.9","saml-2.1.0"],"database_specific":{"vanir_signatures":[{"digest":{"line_hashes":["42755064531118465426564400892256902492","293911180055994235000438795423555003819","290199120084696097362071104175020502145","158641622454782274848612402179282387666"],"threshold":0.9},"signature_version":"v1","id":"CVE-2025-64131-bc2c394e","signature_type":"Line","deprecated":false,"target":{"file":"src/main/java/org/jenkinsci/plugins/saml/OpenSAMLWrapper.java"},"source":"https://github.com/jenkinsci/saml-plugin/commit/22ccc1139f558654ec39648feadaf03673bfc884"},{"digest":{"length":2244,"function_hash":"224149829167823732056140822233698689538"},"signature_version":"v1","id":"CVE-2025-64131-fd6e3db5","signature_type":"Function","deprecated":false,"target":{"file":"src/main/java/org/jenkinsci/plugins/saml/OpenSAMLWrapper.java","function":"createSAML2Client"},"source":"https://github.com/jenkinsci/saml-plugin/commit/22ccc1139f558654ec39648feadaf03673bfc884"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-64131.json","vanir_signatures_modified":"2026-04-12T18:47:06Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}