Vendor
Invenio
Products
5
CVEs
5
Across products
5
Status
Private
Products
5- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-43781 | 0.00 | — | 0.00 | Dec 6, 2021 | Invenio-Drafts-Resources is a submission/deposit module for Invenio, a software framework for research data management. Invenio-Drafts-Resources prior to versions 0.13.7 and 0.14.6 does not properly check permissions when a record is published. The vulnerability is exploitable… | |||
| CVE-2019-1020006 | 0.00 | — | 0.00 | Jul 29, 2019 | invenio-app before 1.1.1 allows host header injection. | |||
| CVE-2019-1020005 | 0.00 | — | 0.00 | Jul 29, 2019 | invenio-communities before 1.0.0a20 allows XSS. | |||
| CVE-2019-1020019 | 0.00 | — | 0.00 | Jul 29, 2019 | invenio-previewer before 1.0.0a12 allows XSS. | |||
| CVE-2008-1627 | 0.00 | — | 0.01 | Apr 2, 2008 | CDS Invenio 0.92.1 and earlier allows remote authenticated users to delete email notification alerts of arbitrary users via a modified internal UID. |
- CVE-2021-43781Dec 6, 2021risk 0.00cvss —epss 0.00
Invenio-Drafts-Resources is a submission/deposit module for Invenio, a software framework for research data management. Invenio-Drafts-Resources prior to versions 0.13.7 and 0.14.6 does not properly check permissions when a record is published. The vulnerability is exploitable…
- CVE-2019-1020006Jul 29, 2019risk 0.00cvss —epss 0.00
invenio-app before 1.1.1 allows host header injection.
- CVE-2019-1020005Jul 29, 2019risk 0.00cvss —epss 0.00
invenio-communities before 1.0.0a20 allows XSS.
- CVE-2019-1020019Jul 29, 2019risk 0.00cvss —epss 0.00
invenio-previewer before 1.0.0a12 allows XSS.
- CVE-2008-1627Apr 2, 2008risk 0.00cvss —epss 0.01
CDS Invenio 0.92.1 and earlier allows remote authenticated users to delete email notification alerts of arbitrary users via a modified internal UID.