Jenkins RapidDeploy vulnerabilities
4 known vulnerabilities affecting jenkins/rapiddeploy.
Total CVEs: 4
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 2, MEDIUM 2
Vulnerabilities
CVE-2020-2171 | HIGH | CVSS 8.8 | CWE-611 | ≤ 4.2 | 2020-03-25
Jenkins RapidDeploy Plugin 4.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
nvd
CVE-2020-2170 | MEDIUM | CVSS 5.4 | CWE-79 | ≤ 4.2 | 2020-03-25
Jenkins RapidDeploy Plugin 4.2 and earlier does not escape package names in the table of packages obtained from a remote server, resulting in a stored XSS vulnerability.
nvd
CVE-2019-16570 | HIGH | CVSS 8.8 | CWE-352 | ≤ 4.1 | 2019-12-17
A cross-site request forgery vulnerability in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers to connect to an attacker-specified web server.
nvd
CVE-2019-16571 | MEDIUM | CVSS 4.3 | CWE-862 | ≤ 4.1 | 2019-12-17
A missing permission check in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server.
nvd