Lucene search
K
JenkinsRapiddeploy

4 matches found

CVE
CVE
added 2020/03/25 4:5 p.m.76 views

CVE-2020-2171

CVE-2020-2171 affects the Jenkins RapidDeploy Plugin (versions 4.2 and earlier). The root cause is a configured XML parser that does not disable XML external entity (XXE) processing, enabling an attacker to craft input files that may lead to secret extraction, server-side impacts, or DoS through ...

8.8CVSS8.6AI score0.0115EPSS
CVE
CVE
added 2020/03/25 4:5 p.m.72 views

CVE-2020-2170

The CVE-2020-2170 entry concerns Jenkins RapidDeploy Plugin 4.2 and earlier, where displayed table data (package names) from a remote server is not escaped, causing a stored XSS vulnerability. Affected component: RapidDeploy Plugin’s UI rendering for the package table. Underlying issue: lack of p...

5.4CVSS5.2AI score0.00735EPSS
CVE
CVE
added 2019/12/17 2:40 p.m.71 views

CVE-2019-16570

The CVE-2019-16570 entry describes a cross-site request forgery in Jenkins RapidDeploy Plugin (v4.1 and earlier). The vulnerability stems from insufficient validation, allowing an attacker to induce the target to connect to an attacker-specified web server. Affected software is the Jenkins RapidD...

8.8CVSS8.6AI score0.00691EPSS
CVE
CVE
added 2019/12/17 2:40 p.m.71 views

CVE-2019-16571

The CVE-2019-16571 issue affects Jenkins RapidDeploy Plugin 4.1 and earlier, caused by a missing permission check. This permits attackers who hold Overall/Read permissions to connect to an attacker-specified web server. The publicly documented impact is enabling connections to an attacker-control...

4.3CVSS4.4AI score0.00714EPSS