Vendor
Nette
Products
3
CVEs
2
Across products
2
Status
Private
Products
3- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-55586 | Cri | 0.57 | 9.8 | 0.00 | Dec 10, 2024 | Nette Database through 3.2.4 allows SQL injection in certain situations involving an untrusted filter that is directly passed to the where method. NOTE: the vendor's position is that this is intended behavior. | ||
| CVE-2022-21648 | 0.00 | — | 0.00 | Jan 4, 2022 | Latte is an open source template engine for PHP. Versions since 2.8.0 Latte has included a template sandbox and in affected versions it has been found that a sandbox escape exists allowing for injection into web pages generated from Latte. This may lead to XSS attacks. The issue… |
- risk 0.57cvss 9.8epss 0.00
Nette Database through 3.2.4 allows SQL injection in certain situations involving an untrusted filter that is directly passed to the where method. NOTE: the vendor's position is that this is intended behavior.
- CVE-2022-21648Jan 4, 2022risk 0.00cvss —epss 0.00
Latte is an open source template engine for PHP. Versions since 2.8.0 Latte has included a template sandbox and in affected versions it has been found that a sandbox escape exists allowing for injection into web pages generated from Latte. This may lead to XSS attacks. The issue…