VYPR
Vendor

whitesource

Products
3
CVEs
2
Across products
3
Status
Private

Products

3

Recent CVEs

2
  • CVE-2020-5304HigJun 8, 2020
    risk 0.49cvss 7.5epss 0.01

    The dashboard in WhiteSource Application Vulnerability Management (AVM) before version 20.4.1 allows Log Injection via a %0A%0D substring in the idp parameter to the /saml/login URI. This closes the current log and creates a new log with one line of data. The attacker can also…

  • CVE-2022-23082HigMay 31, 2022
    risk 0.42cvss 7.5epss 0.01

    In CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal as the function isFileOutsideDir fails to sanitize the user input which may lead to path traversal.