VYPR
Vendor

Ydataai

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2024-37064HigJun 4, 2024
    risk 0.51cvss 7.8epss 0.00

    Deseriliazation of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a maliciously crafted dataset to run arbitrary code on an end user's system when loaded.

  • CVE-2024-37063HigJun 4, 2024
    risk 0.51cvss 7.8epss 0.00

    A cross-site scripting (XSS) vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliocusly crafted report is viewed in the browser.

  • CVE-2024-37062HigJun 4, 2024
    risk 0.51cvss 7.8epss 0.00

    Deserialization of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a malicously crafted report to run arbitrary code on an end user's system when loaded.