pkg:maven/org.rundeck/rundeck-core
Type
maven
Namespace
org.rundeck
Name
rundeck-core
Known advisories, vulnerabilities and fixes for org.rundeck/rundeck-core package.
High
1
Moderate
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 3.3.14 >= 3.4.0, < 3.4.3 |
CVE-2021-39133
|
MAVEN:GHSA-3JMW-C69H-426C | Cross-Site Request Forgery (CSRF) can run untrusted code on Rundeck server | high |
2021-09-01T18:26:48
(3 years ago) |
|
Fixed | = 3.3.14 = 3.4.3 |
CVE-2021-39133
|
MAVEN:GHSA-3JMW-C69H-426C | Cross-Site Request Forgery (CSRF) can run untrusted code on Rundeck server | high |
2021-09-01T18:26:48
(3 years ago) |
|
Affected | < 3.3.14 >= 3.4.0, < 3.4.3 |
CVE-2021-39132
|
MAVEN:GHSA-Q4RF-3FHX-88PF | YAML deserialization can run untrusted code | moderate |
2021-09-01T18:27:01
(3 years ago) |
|
Fixed | = 3.3.14 = 3.4.3 |
CVE-2021-39132
|
MAVEN:GHSA-Q4RF-3FHX-88PF | YAML deserialization can run untrusted code | moderate |
2021-09-01T18:27:01
(3 years ago) |