VYPR

Maven package

org.jenkins-ci.plugins/loadninja

pkg:maven/org.jenkins-ci.plugins/loadninja

Vulnerabilities (2)

  • CVE-2026-33004Mar 18, 2026
    affected < 2.2fixed 2.2

    Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.

  • CVE-2026-33003Mar 18, 2026
    affected < 2.2fixed 2.2

    Jenkins LoadNinja Plugin 2.1 and earlier stores LoadNinja API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.