Vendor
Weave
Products
2
CVEs
2
Across products
2
Status
Private
Products
2- 1 CVE
- 1 CVE
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-25545 | 0.00 | — | 0.00 | Apr 12, 2024 | An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to execute arbitrary code via a crafted script to the nwjs framework component. | |||
| CVE-2020-35464 | 0.00 | — | 0.02 | Dec 15, 2020 | Version 1.3.0 of the Weave Cloud Agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the Weave Cloud Agent container may allow a remote attacker to achieve root access with a blank password. |
- CVE-2024-25545Apr 12, 2024risk 0.00cvss —epss 0.00
An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to execute arbitrary code via a crafted script to the nwjs framework component.
- CVE-2020-35464Dec 15, 2020risk 0.00cvss —epss 0.02
Version 1.3.0 of the Weave Cloud Agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the Weave Cloud Agent container may allow a remote attacker to achieve root access with a blank password.