4 matches found
CVE-2025-11849
Versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth before 1.11.0; versions of the package org.zwobble.mammoth:mammoth before 1.11.0 are vulnerable to Directory Traversal due to the lack of...
CVE-2024-41514
A reflected cross-site scripting XSS vulnerability in "PrevPgGroup.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "wer" parameter...
DEBIAN-CVE-2019-18848
The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string...
PT-2018-9625 · Hewlett Packard · Dotnetzip
Name of the Vulnerable Software and Affected Versions: DotNetZip.Semvered versions prior to 1.11.0 Description: The issue allows attackers to perform directory traversal, enabling them to write to arbitrary files. This is achieved by including a ../ dot dot slash in a Zip archive entry, which is...