VulnerableCode Package Details - pkg:maven/org.apache.jmeter/ApacheJMeter@2.3.4

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.apache.jmeter/ApacheJMeter@2.3.4

purl	pkg:maven/org.apache.jmeter/ApacheJMeter@2.3.4

Next non-vulnerable version	5.1
Latest non-vulnerable version	5.1
Risk

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-9xz8-znea-wufj Aliases: CVE-2018-1297	Cleartext Transmission of Sensitive Information When using Distributed Test only (RMI based), Apache `JMeteranduses` an unsecured RMI connection. This could allow an attacker to get access to `JMeterEngine` and send unauthorized code.	4.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-xumm-un1w-wkcu Aliases: CVE-2018-1287	Improper Access Control When using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to `JMeterEngine` and send unauthorized code.	4.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:37:31.101404+00:00	GitLab Importer	Affected by	VCID-xumm-un1w-wkcu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.jmeter/ApacheJMeter/CVE-2018-1287.yml	38.6.0
2026-06-02T04:37:30.944288+00:00	GitLab Importer	Affected by	VCID-9xz8-znea-wufj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.jmeter/ApacheJMeter/CVE-2018-1297.yml	38.6.0