Casdoor
by Casdoor
Source repositories
CVEs (23)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-41264 | 0.00 | — | 0.00 | Aug 1, 2024 | An issue discovered in casdoor v1.636.0 allows attackers to obtain sensitive information via the ssh.InsecureIgnoreHostKey() method. | |||
| CVE-2022-44942 | 0.00 | — | 0.01 | Dec 7, 2022 | Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function. | |||
| CVE-2022-38638 | 0.00 | — | 0.01 | Sep 9, 2022 | Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource. |
- CVE-2024-41264Aug 1, 2024risk 0.00cvss —epss 0.00
An issue discovered in casdoor v1.636.0 allows attackers to obtain sensitive information via the ssh.InsecureIgnoreHostKey() method.
- CVE-2022-44942Dec 7, 2022risk 0.00cvss —epss 0.01
Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function.
- CVE-2022-38638Sep 9, 2022risk 0.00cvss —epss 0.01
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource.
Page 2 of 2