VYPR

Altair

by Altair

CVEs (3)

  • CVE-2024-56200HigDec 19, 2024
    risk 0.49cvss 8.6epss 0.01

    Altair is a fork of Misskey v12. Affected versions lack of request validation and lack of authentication in the image proxy for compressing and resizing remote files could allow attacks that could affect availability, such as by abnormally increasing the CPU usage of the server…

  • CVE-2024-54147MedDec 9, 2024
    risk 0.37cvss 6.8epss 0.00

    Altair is a GraphQL client for all platforms. Prior to version 8.0.5, Altair GraphQL Client's desktop app does not validate HTTPS certificates allowing a man-in-the-middle to intercept all requests. Any Altair users on untrusted networks (eg. public wifi, malicious DNS servers)…

  • CVE-2023-43799MedOct 4, 2023
    risk 0.33cvss 5.0epss 0.00

    Altair is a GraphQL Client. Prior to version 5.2.5, the Altair GraphQL Client Desktop Application does not sanitize external URLs before passing them to the underlying system. Moreover, Altair GraphQL Client also does not isolate the context of the renderer process. This affects…