CVE-2020-2171

2020-03-2517:15:15

Google

osv.dev

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

Jenkins RapidDeploy Plugin 4.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

CPENameOperatorVersion
rapiddeploy-plugineqrapiddeploy-jenkins-3.4
rapiddeploy-plugineqrapiddeploy-jenkins-3.2
rapiddeploy-plugineqrapiddeploy-jenkins-4.1
rapiddeploy-plugineqrapiddeploy-jenkins-3.6
rapiddeploy-plugineqrapiddeploy-jenkins-3.10
rapiddeploy-plugineqrapiddeploy-jenkins-3.9
rapiddeploy-plugineqrapiddeploy-jenkins-3.8
rapiddeploy-plugineqrapiddeploy-jenkins-4.2
rapiddeploy-plugineqrapiddeploy-jenkins-3.7
rapiddeploy-plugineqrapiddeploy-jenkins-3.1

Name	Operator	Version
rapiddeploy-plugin	eq	rapiddeploy-jenkins-3.4
rapiddeploy-plugin	eq	rapiddeploy-jenkins-3.2
rapiddeploy-plugin	eq	rapiddeploy-jenkins-4.1
rapiddeploy-plugin	eq	rapiddeploy-jenkins-3.6
rapiddeploy-plugin	eq	rapiddeploy-jenkins-3.10
rapiddeploy-plugin	eq	rapiddeploy-jenkins-3.9
rapiddeploy-plugin	eq	rapiddeploy-jenkins-3.8
rapiddeploy-plugin	eq	rapiddeploy-jenkins-4.2
rapiddeploy-plugin	eq	rapiddeploy-jenkins-3.7
rapiddeploy-plugin	eq	rapiddeploy-jenkins-3.1