Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins performance publisher vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-28682
Jenkins Performance Publisher Plugin 8.09 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Performance Publisher
NA
CVE-2022-38666
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.146 and previous versions unconditionally disables SSL/TLS certificate and hostname validation for several features.
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-41227
A cross-site request forgery (CSRF) vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and previous versions allows malicious users to connect to an attacker-specified webserver using attacker-specified credentials.
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-41228
A missing permission check in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and previous versions allows attackers with Overall/Read permissions to connect to an attacker-specified webserver using attacker-specified credentials.
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-41229
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.134 and previous versions does not escape configuration options of the Execute NetStorm/NetCloud Test build step, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configu...
Jenkins Ns-nd Integration Performance Publisher
3.5
CVSSv2
CVE-2022-34191
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.77 and previous versions does not escape the name of NetStorm Test parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure p...
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2023-33000
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.149 and previous versions does not mask credentials displayed on the configuration form, increasing the potential for malicious users to observe and capture them.
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-45391
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and previous versions globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM.
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-45392
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and previous versions stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by attackers with Extended Read permission, or access to the Jenkins controller file syst...
Jenkins Ns-nd Integration Performance Publisher
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started