Skip to main content

Rapiddeploy

4 CVEs product

Monthly

CVE-2020-2171 Maven HIGH PATCH This Week

Jenkins RapidDeploy Plugin 4.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XXE Rapiddeploy
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-2170 Maven MEDIUM PATCH This Month

Jenkins RapidDeploy Plugin 4.2 and earlier does not escape package names in the table of packages obtained from a remote server, resulting in a stored XSS vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Rapiddeploy
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-16571 Maven MEDIUM This Month

A missing permission check in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Rapiddeploy
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2019-16570 Maven HIGH This Week

A cross-site request forgery vulnerability in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers to connect to an attacker-specified web server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins CSRF Rapiddeploy
NVD
CVSS 3.1
8.8
EPSS
0.7%
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Jenkins RapidDeploy Plugin 4.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XXE Rapiddeploy
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Jenkins RapidDeploy Plugin 4.2 and earlier does not escape package names in the table of packages obtained from a remote server, resulting in a stored XSS vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Rapiddeploy
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A missing permission check in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Rapiddeploy
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A cross-site request forgery vulnerability in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers to connect to an attacker-specified web server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins CSRF Rapiddeploy
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy