Vendor
Flagsmith
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- 2 CVEs
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-52872 | Hig | 0.00 | 7.5 | 0.00 | Nov 17, 2024 | In Flagsmith before 2.134.1, the get_document endpoint is not correctly protected by permissions. | ||
| CVE-2024-52871 | Hig | 0.00 | 7.5 | 0.00 | Nov 17, 2024 | In Flagsmith before 2.134.1, it is possible to bypass the ALLOW_REGISTRATION_WITHOUT_INVITE setting. |
- risk 0.00cvss 7.5epss 0.00
In Flagsmith before 2.134.1, the get_document endpoint is not correctly protected by permissions.
- risk 0.00cvss 7.5epss 0.00
In Flagsmith before 2.134.1, it is possible to bypass the ALLOW_REGISTRATION_WITHOUT_INVITE setting.