Jenkins Project Jenkins Rapiddeploy Plugin vulnerabilities
4 known vulnerabilities affecting jenkins_project/jenkins_rapiddeploy_plugin.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2020-2171HIGHCVSS 8.8≥ unspecified, ≤ 4.22020-03-25
CVE-2020-2171 [HIGH] CWE-611 CVE-2020-2171: Jenkins RapidDeploy Plugin 4.2 and earlier does not configure its XML parser to prevent XML external
Jenkins RapidDeploy Plugin 4.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
cvelistv5nvd
CVE-2020-2170MEDIUMCVSS 5.4≥ unspecified, ≤ 4.22020-03-25
CVE-2020-2170 [MEDIUM] CWE-79 CVE-2020-2170: Jenkins RapidDeploy Plugin 4.2 and earlier does not escape package names in the table of packages ob
Jenkins RapidDeploy Plugin 4.2 and earlier does not escape package names in the table of packages obtained from a remote server, resulting in a stored XSS vulnerability.
cvelistv5nvd
CVE-2019-16570HIGHCVSS 8.8≥ unspecified, ≤ 4.12019-12-17
CVE-2019-16570 [HIGH] CWE-352 CVE-2019-16570: A cross-site request forgery vulnerability in Jenkins RapidDeploy Plugin 4.1 and earlier allows atta
A cross-site request forgery vulnerability in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers to connect to an attacker-specified web server.
cvelistv5nvd
CVE-2019-16571MEDIUMCVSS 4.3≥ unspecified, ≤ 4.12019-12-17
CVE-2019-16571 [MEDIUM] CWE-862 CVE-2019-16571: A missing permission check in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers with Overa
A missing permission check in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server.
cvelistv5nvd