KL-001-2025-004
by KoreLogic
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-5099 | Cri | 0.64 | 9.8 | 0.01 | May 23, 2025 | An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory corruption and potentially arbitrary code execution. | ||
| CVE-2024-6891 | Hig | 0.57 | 8.8 | 0.01 | Aug 8, 2024 | Attackers with a valid username and password can exploit a python code injection vulnerability during the natural login flow. | ||
| CVE-2024-6707 | Hig | 0.57 | 8.8 | 0.01 | Aug 7, 2024 | Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability. |
- risk 0.64cvss 9.8epss 0.01
An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory corruption and potentially arbitrary code execution.
- risk 0.57cvss 8.8epss 0.01
Attackers with a valid username and password can exploit a python code injection vulnerability during the natural login flow.
- risk 0.57cvss 8.8epss 0.01
Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability.