Analyzed
about 2 months
ago.
based on code collected
3 months
ago.
Major Versions
click and drag to zoom
Security Vulnerabilities for Version:
Severities:
Type
|
Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
|---|---|---|---|---|---|
| CVE-2022-30899 | Medium | Jun 08, 2022 | A Cross Site Scripting vulnerabilty exists in PartKeepr 1.4.0 via the 'name' field in /api/part_categories. |
1.4.0
|
|
| CVE-2022-22702 | Medium | Jan 10, 2022 | PartKeepr versions up to v1.4.0, in the functionality to upload attachments using a URL when creating a part does not validate that requests can be mad more... |
1.4.0, 1.3.0, 1.2.0, 1.1.0, 1.0.0, 0.82, 0.81, 0.80, 0.79, 0.78
|
|
| CVE-2022-22701 | Medium | Jan 10, 2022 | PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows the use of the 'file://' URI scheme, allowing an authen more... |
1.4.0, 1.3.0, 1.2.0, 1.1.0, 1.0.0, 0.82, 0.81, 0.80, 0.79, 0.78
|
|
| CVE-2021-39390 | Medium | May 03, 2022 | Stored XSS in PartKeepr 1.4.0 Edit section in multiple api endpoints via name parameter. |
1.4.0
|
