Vulnerabilities > Pagerduty > Rundeck > 3.2.4

DATE CVE VULNERABILITY TITLE RISK
2022-05-20 CVE-2022-29186 Use of Hard-coded Credentials vulnerability in Pagerduty Rundeck
Rundeck is an open source automation service with a web console, command line tools and a WebAPI.
network
low complexity
pagerduty CWE-798
critical
 9.8
9.8
2021-08-30 CVE-2021-39132 Deserialization of Untrusted Data vulnerability in Pagerduty Rundeck
Rundeck is an open source automation service with a web console, command line tools and a WebAPI.
network
low complexity
pagerduty CWE-502
6.5
6.5
2021-08-30 CVE-2021-39133 Cross-Site Request Forgery (CSRF) vulnerability in Pagerduty Rundeck
Rundeck is an open source automation service with a web console, command line tools and a WebAPI.
network
pagerduty CWE-352
6.0
6.0
2020-04-29 CVE-2020-11009 Authorization Bypass Through User-Controlled Key vulnerability in Pagerduty Rundeck
In Rundeck before version 3.2.6, authenticated users can craft a request that reveals Execution data and logs and Job details that they are not authorized to see.
network
low complexity
pagerduty CWE-639
4.0
4.0