VYPR

yEd Desktop

by yWorks

CVEs (2)

  • CVE-2020-25216CriSep 17, 2020
    risk 0.64cvss 9.8epss 0.02

    yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet.

  • CVE-2020-25215CriSep 17, 2020
    risk 0.64cvss 9.8epss 0.01

    yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document.