VYPR

Casdoor

by Casdoor

Source repositories

CVEs (23)

  • CVE-2024-41264Aug 1, 2024
    risk 0.00cvss epss 0.00

    An issue discovered in casdoor v1.636.0 allows attackers to obtain sensitive information via the ssh.InsecureIgnoreHostKey() method.

  • CVE-2022-44942Dec 7, 2022
    risk 0.00cvss epss 0.01

    Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function.

  • CVE-2022-38638Sep 9, 2022
    risk 0.00cvss epss 0.01

    Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource.

Page 2 of 2