Artifactory Docker Examples
by Jfrog
Source repositories
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-1000206 | Hig | 0.57 | 8.8 | 0.01 | Jul 13, 2018 | JFrog Artifactory version since 5.11 contains a Cross ite Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as logged in user. This attack appear to be exploitable via The victim must run… | ||
| CVE-2018-1000623 | Hig | 0.47 | 7.2 | 0.03 | Jul 9, 2018 | JFrog JFrog Artifactory version Prior to version 6.0.3, since version 4.0.0 contains a Directory Traversal vulnerability in The "Import Repository from Zip" feature, available through the Admin menu -> Import & Export -> Repositories, triggers a vulnerable UI REST endpoint… | ||
| CVE-2019-9733 | 0.07 | — | 0.54 | Apr 11, 2019 | An issue was discovered in JFrog Artifactory 6.7.3. By default, the access-admin account is used to reset the password of the admin account in case an administrator gets locked out from the Artifactory console. This is only allowable from a connection directly from localhost,… | |||
| CVE-2018-19971 | 0.00 | — | 0.03 | Apr 16, 2019 | JFrog Artifactory Pro 6.5.9 has Incorrect Access Control. |
- risk 0.57cvss 8.8epss 0.01
JFrog Artifactory version since 5.11 contains a Cross ite Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as logged in user. This attack appear to be exploitable via The victim must run…
- risk 0.47cvss 7.2epss 0.03
JFrog JFrog Artifactory version Prior to version 6.0.3, since version 4.0.0 contains a Directory Traversal vulnerability in The "Import Repository from Zip" feature, available through the Admin menu -> Import & Export -> Repositories, triggers a vulnerable UI REST endpoint…
- CVE-2019-9733Apr 11, 2019risk 0.07cvss —epss 0.54
An issue was discovered in JFrog Artifactory 6.7.3. By default, the access-admin account is used to reset the password of the admin account in case an administrator gets locked out from the Artifactory console. This is only allowable from a connection directly from localhost,…
- CVE-2018-19971Apr 16, 2019risk 0.00cvss —epss 0.03
JFrog Artifactory Pro 6.5.9 has Incorrect Access Control.