VYPR

Artifactory Docker Examples

by Jfrog

Source repositories

CVEs (4)

  • CVE-2018-1000206HigJul 13, 2018
    risk 0.57cvss 8.8epss 0.01

    JFrog Artifactory version since 5.11 contains a Cross ite Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as logged in user. This attack appear to be exploitable via The victim must run…

  • CVE-2018-1000623HigJul 9, 2018
    risk 0.47cvss 7.2epss 0.03

    JFrog JFrog Artifactory version Prior to version 6.0.3, since version 4.0.0 contains a Directory Traversal vulnerability in The "Import Repository from Zip" feature, available through the Admin menu -> Import & Export -> Repositories, triggers a vulnerable UI REST endpoint…

  • CVE-2019-9733Apr 11, 2019
    risk 0.07cvss epss 0.54

    An issue was discovered in JFrog Artifactory 6.7.3. By default, the access-admin account is used to reset the password of the admin account in case an administrator gets locked out from the Artifactory console. This is only allowable from a connection directly from localhost,…

  • CVE-2018-19971Apr 16, 2019
    risk 0.00cvss epss 0.03

    JFrog Artifactory Pro 6.5.9 has Incorrect Access Control.