Vulnerabilities (CVE)

Filtered by vendor Diagrams Subscribe
Total 26 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-3975 1 Diagrams 1 Drawio 2024-11-21 N/A 9.8 CRITICAL
OS Command Injection in GitHub repository jgraph/drawio prior to 21.5.0.
CVE-2023-3974 1 Diagrams 1 Drawio 2024-11-21 N/A 9.8 CRITICAL
OS Command Injection in GitHub repository jgraph/drawio prior to 21.4.0.
CVE-2023-3973 1 Diagrams 1 Drawio 2024-11-21 N/A 6.1 MEDIUM
Cross-site Scripting (XSS) - Reflected in GitHub repository jgraph/drawio prior to 21.6.3.
CVE-2023-3398 1 Diagrams 1 Drawio 2024-11-21 N/A 7.5 HIGH
Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3.
CVE-2023-3026 1 Diagrams 1 Drawio 2024-11-21 N/A 6.1 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 21.2.8.
CVE-2022-3873 1 Diagrams 1 Drawio 2024-11-21 N/A 6.1 MEDIUM
Cross-site Scripting (XSS) - DOM in GitHub repository jgraph/drawio prior to 20.5.2.
CVE-2022-3223 1 Diagrams 1 Drawio 2024-11-21 N/A 6.1 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 20.3.1.
CVE-2022-3148 1 Diagrams 1 Drawio 2024-11-21 N/A 6.1 MEDIUM
Cross-site Scripting (XSS) - Generic in GitHub repository jgraph/drawio prior to 20.3.0.
CVE-2022-3138 1 Diagrams 1 Drawio 2024-11-21 N/A 6.1 MEDIUM
Cross-site Scripting (XSS) - Generic in GitHub repository jgraph/drawio prior to 20.3.0.
CVE-2022-3133 1 Diagrams 1 Drawio 2024-11-21 N/A 7.8 HIGH
OS Command Injection in GitHub repository jgraph/drawio prior to 20.3.0.
CVE-2022-3127 1 Diagrams 1 Drawio 2024-11-21 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 20.2.8.
CVE-2022-3065 1 Diagrams 1 Drawio 2024-11-21 N/A 7.5 HIGH
Improper Access Control in GitHub repository jgraph/drawio prior to 20.2.8.
CVE-2022-2015 1 Diagrams 1 Drawio 2024-11-21 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 19.0.2.
CVE-2022-2014 1 Diagrams 1 Drawio 2024-11-21 3.5 LOW 5.4 MEDIUM
Code Injection in GitHub repository jgraph/drawio prior to 19.0.2.
CVE-2022-1815 1 Diagrams 1 Drawio 2024-11-21 5.0 MEDIUM 7.5 HIGH
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2.
CVE-2022-1784 1 Diagrams 1 Drawio 2024-11-21 5.0 MEDIUM 7.5 HIGH
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.8.
CVE-2022-1774 1 Diagrams 1 Drawio 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.0.7.
CVE-2022-1767 1 Diagrams 1 Drawio 2024-11-21 5.0 MEDIUM 7.5 HIGH
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.7.
CVE-2022-1730 1 Diagrams 1 Drawio 2024-11-21 3.5 LOW 4.6 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 18.0.4.
CVE-2022-1727 1 Diagrams 1 Drawio 2024-11-21 6.8 MEDIUM 8.8 HIGH
Improper Input Validation in GitHub repository jgraph/drawio prior to 18.0.6.