VYPR

Metadefender Core

by OPSWAT

CVEs (4)

  • CVE-2018-16275HigAug 31, 2018
    risk 0.51cvss 7.8epss 0.01

    OPSWAT MetaDefender before v4.11.2 allows CSV injection.

  • CVE-2023-25364MedMar 27, 2024
    risk 0.40cvss 6.1epss 0.00

    Opswat Metadefender Core before 5.2.1 does not properly defend against potential HTML injection and XSS attacks.

  • CVE-2022-32272Jun 9, 2022
    risk 0.05cvss epss 0.09

    OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5.6.1 have incorrect access control, resulting in privilege escalation.

  • CVE-2022-32273Jun 8, 2022
    risk 0.00cvss epss 0.01

    As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore) before 5.1.2 could allow an authenticated user to enumerate filenames on the server.