Maven package
org.jenkins-ci.plugins/loadninja
pkg:maven/org.jenkins-ci.plugins/loadninja
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-33004 | — | < 2.2 | 2.2 | Mar 18, 2026 | Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them. | ||
| CVE-2026-33003 | — | < 2.2 | 2.2 | Mar 18, 2026 | Jenkins LoadNinja Plugin 2.1 and earlier stores LoadNinja API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. |
- CVE-2026-33004Mar 18, 2026affected < 2.2fixed 2.2
Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
- CVE-2026-33003Mar 18, 2026affected < 2.2fixed 2.2
Jenkins LoadNinja Plugin 2.1 and earlier stores LoadNinja API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.