org.jenkins-ci.plugins:gatling
Maven2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.jenkins-ci.plugins:gatlingpage 1 of 1
- CVE-2020-2173MEDIUMCVSS 5.4EG 5.4✓ Fixed in 1.3.02020-04-07
vulnerable: 1.0.0 ... 1.2.7 (15 versions)
Jenkins Gatling Plugin 1.2.7 and earlier prevents Content-Security-Policy headers from being set for Gatling reports served by the plugin, resulting in an XSS vulnerability exploitable by users able to change report content.
- CVE-2025-5806HIGHCVSS 8.0EG 8.02025-06-06
vulnerable: 136.vb
Jenkins Gatling Plugin 136.vb_9009b_3d33a_e serves Gatling reports in a manner that bypasses the Content-Security-Policy protection introduced in Jenkins 1.641 and 1.625, resulting in a cross-site scripting (XSS) vulnerability exploitable …
Check whether org.jenkins-ci.plugins:gatling is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.jenkins-ci.plugins:gatling CVEs against the assets you own.
Start Free Scan →