# Security Advisories

These are the Security Advisories Rundeck has issued in the past:

  • CVE-2021-39133
    Cross-Site Request Forgery (CSRF) can run untrusted code on Rundeck server.
  • CVE-2021-39132
    YAML deserialization can run untrusted code.
  • CVE-2020-11009
    IDOR can reveal execution data and logs to unauthorized user.