VYPR

GNATS

by GNATS

CVEs (2)

  • CVE-2007-2808May 22, 2007
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99 allows remote attackers to inject arbitrary web script or HTML via the database parameter.

  • CVE-2005-2180Jul 11, 2005
    risk 0.00cvss epss 0.00

    gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files.