Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins performance vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-21701
Jenkins Performance Plugin 3.20 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Performance
NA
CVE-2023-28682
Jenkins Performance Publisher Plugin 8.09 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Performance Publisher
NA
CVE-2022-36894
An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfb_f and previous versions allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.
Jenkins Clif Performance Testing
3.5
CVSSv2
CVE-2022-34191
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.77 and previous versions does not escape the name of NetStorm Test parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure p...
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-41227
A cross-site request forgery (CSRF) vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and previous versions allows malicious users to connect to an attacker-specified webserver using attacker-specified credentials.
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-41228
A missing permission check in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and previous versions allows attackers with Overall/Read permissions to connect to an attacker-specified webserver using attacker-specified credentials.
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-41229
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.134 and previous versions does not escape configuration options of the Execute NetStorm/NetCloud Test build step, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configu...
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-38666
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.146 and previous versions unconditionally disables SSL/TLS certificate and hostname validation for several features.
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2023-33000
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.149 and previous versions does not mask credentials displayed on the configuration form, increasing the potential for malicious users to observe and capture them.
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-45391
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and previous versions globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM.
Jenkins Ns-nd Integration Performance Publisher
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »