VYPR

Analytics Platform

by Knime

CVEs (5)

  • CVE-2023-5562Oct 12, 2023
    risk 0.00cvss epss 0.00

    An unsafe default configuration in KNIME Analytics Platform before 5.2.0 allows for a cross-site scripting attack. When KNIME Analytics Platform is used as an executor for either KNIME Server or KNIME Business Hub several JavaScript-based view nodes do not sanitize the data that…

  • CVE-2022-44749Nov 24, 2022
    risk 0.00cvss epss 0.00

    A directory traversal vulnerability in the ZIP archive extraction routines of KNIME Analytics Platform 3.2.0 and above can result in arbitrary files being overwritten on the user's system. This vulnerability is also known as 'Zip-Slip'. An attacker can create a KNIME…

  • CVE-2022-31500May 31, 2022
    risk 0.00cvss epss 0.00

    In KNIME Analytics Platform below 4.6.0, the Windows installer sets improper filesystem permissions.

  • CVE-2021-45096Dec 16, 2021
    risk 0.00cvss epss 0.01

    KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a crafted workflow file (.knwf), aka AP-17730.

  • CVE-2019-11628May 1, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2; and Qlik Sense Enterprise and Qlik Analytics Platform installations that lack these patch levels: February 2018 Patch 4, April 2018 Patch 3,…