3 matches found
PT-2024-21061 · Iris-Web · Iris-Web
Name of the Vulnerable Software and Affected Versions: iris-web versions prior to 2.4.0 Description: A stored Cross-Site Scripting XSS vulnerability has been identified in iris-web, affecting multiple locations. The vulnerability may allow an attacker to inject malicious scripts into the...
PT-2022-5600 · Apache · Apache Airflow
Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.4.0 Description: A vulnerability in Example Dags of Apache Airflow is related to incorrect management of code generation. This issue allows an attacker with UI access who can trigger DAGs to execute arbitrar...
PT-2020-6193 · Openjpeg +5 · Openjpeg +5
Name of the Vulnerable Software and Affected Versions: openjpeg versions prior to 2.4.0 Description: The issue is related to an out-of-bounds read in the src/lib/openjp2/pi.c component of the openjpeg library. This occurs when an attacker provides crafted input to be processed by the openjpeg...