Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins performance vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2021-21701
Jenkins Performance Plugin 3.20 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Performance
NA
CVE-2023-28682
Jenkins Performance Publisher Plugin 8.09 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Performance Publisher
NA
CVE-2022-36894
An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfb_f and previous versions allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.
Jenkins Clif Performance Testing
312
VMScore
CVE-2022-34191
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.77 and previous versions does not escape the name of NetStorm Test parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure p...
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-45391
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and previous versions globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM.
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-45392
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and previous versions stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by attackers with Extended Read permission, or access to the Jenkins controller file syst...
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-38666
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.146 and previous versions unconditionally disables SSL/TLS certificate and hostname validation for several features.
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-41227
A cross-site request forgery (CSRF) vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and previous versions allows malicious users to connect to an attacker-specified webserver using attacker-specified credentials.
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-41228
A missing permission check in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and previous versions allows attackers with Overall/Read permissions to connect to an attacker-specified webserver using attacker-specified credentials.
Jenkins Ns-nd Integration Performance Publisher
NA
CVE-2022-41229
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.134 and previous versions does not escape configuration options of the Execute NetStorm/NetCloud Test build step, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configu...
Jenkins Ns-nd Integration Performance Publisher
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »