cbcvebase.

Inventree Inventree vulnerabilities

5 known vulnerabilities affecting inventree/inventree_inventree.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2022-2111P3HIGHCVSS 8.8≥ unspecified, < 0.7.22022-06-17
CVE-2022-2111 [HIGH] CWE-434 CVE-2022-2111: Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0. Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0.7.2.
nvd
CVE-2022-2112P3HIGHCVSS 8.8≥ unspecified, < 0.7.22022-06-17
CVE-2022-2112 [HIGH] CWE-1236 CVE-2022-2112: Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree p Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2.
nvd
CVE-2022-2113P4MEDIUMCVSS 5.4≥ unspecified, < 0.7.22022-06-17
CVE-2022-2113 [MEDIUM] CWE-79 CVE-2022-2113: Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.7.2. Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.7.2.
nvd
CVE-2022-3355P4MEDIUMCVSS 5.4≥ unspecified, < 0.8.32022-09-29
CVE-2022-3355 [MEDIUM] CWE-79 CVE-2022-3355: Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.8.3. Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.8.3.
nvd
CVE-2022-2134P4MEDIUMCVSS 6.5≥ unspecified, < 0.8.02022-06-20
CVE-2022-2134 [MEDIUM] CWE-770 CVE-2022-2134: Allocation of Resources Without Limits or Throttling in GitHub repository inventree/inventree prior Allocation of Resources Without Limits or Throttling in GitHub repository inventree/inventree prior to 0.8.0.
nvd
Inventree Inventree vulnerabilities | cvebase