Org.apache.jmeter:apachejmeter
This hub aggregates every CVE we track for Org.apache.jmeter:apachejmeter, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
3
CVEs tracked
3
Critical
0
High
0
In CISA KEV
Severity distribution
CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 3 most recently published vulnerabilities affecting Org.apache.jmeter:apachejmeter.
- CVE-2019-0187Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proc...9.8
- CVE-2018-1287In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send un...9.8
- CVE-2018-1297When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code.9.8
Product normalization is registry-driven with AI assist and human review. How it works