Vendor
Wiz
Products
2
CVEs
3
Across products
3
Status
Private
Products
2- 2 CVEs
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-9145 | Hig | 0.46 | — | 0.01 | Oct 1, 2024 | Wiz Code Visual Studio Code extension in versions 1.0.0 up to 1.5.3 and Wiz (legacy) Visual Studio Code extension in versions 0.13.0 up to 0.17.8 are vulnerable to local command injection if the user opens a maliciously crafted Dockerfile located in a path that has been marked… | ||
| CVE-2020-11923 | Med | 0.36 | 5.5 | 0.00 | Apr 2, 2021 | An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged. | ||
| CVE-2020-11922 | Med | 0.28 | 4.3 | 0.01 | Apr 2, 2021 | An issue was discovered in WiZ Colors A60 1.14.0. The device sends unnecessary information to the cloud controller server. Although this information is sent encrypted and has low risk in isolation, it decreases the privacy of the end user. The information sent includes the local… |
- risk 0.46cvss —epss 0.01
Wiz Code Visual Studio Code extension in versions 1.0.0 up to 1.5.3 and Wiz (legacy) Visual Studio Code extension in versions 0.13.0 up to 0.17.8 are vulnerable to local command injection if the user opens a maliciously crafted Dockerfile located in a path that has been marked…
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged.
- risk 0.28cvss 4.3epss 0.01
An issue was discovered in WiZ Colors A60 1.14.0. The device sends unnecessary information to the cloud controller server. Although this information is sent encrypted and has low risk in isolation, it decreases the privacy of the end user. The information sent includes the local…