Total
26 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-1711 | 1 Diagrams | 1 Drawio | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.5. | |||||
CVE-2022-1784 | 1 Diagrams | 1 Drawio | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.8. | |||||
CVE-2022-1575 | 1 Diagrams | 1 Drawio | 2024-02-28 | 6.8 MEDIUM | 9.6 CRITICAL |
Arbitrary Code Execution through Sanitizer Bypass in GitHub repository jgraph/drawio prior to 18.0.0. - Arbitrary (remote) code execution in the desktop app. - Stored XSS in the web app. | |||||
CVE-2022-1723 | 1 Diagrams | 1 Drawio | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.6. | |||||
CVE-2022-1815 | 1 Diagrams | 1 Drawio | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2. | |||||
CVE-2022-1727 | 1 Diagrams | 1 Drawio | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Improper Input Validation in GitHub repository jgraph/drawio prior to 18.0.6. |