VYPR

Freshwork

by Freshwork

CVEs (3)

  • CVE-2022-36174HigSep 12, 2022
    risk 0.53cvss 8.1epss 0.00

    FreshService Windows Agent < 2.11.0 and FreshService macOS Agent < 4.2.0 and FreshService Linux Agent < 3.3.0. are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service.

  • CVE-2022-36173HigSep 12, 2022
    risk 0.53cvss 8.1epss 0.01

    FreshService macOS Agent < 4.4.0 and FreshServce Linux Agent < 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service.

  • CVE-2025-10229MedSep 10, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability has been found in Freshwork up to 1.2.3. This impacts an unknown function of the file /api/v2/logout. Such manipulation of the argument post_logout_redirect_uri leads to open redirect. The attack can be executed remotely. The exploit has been disclosed to the…