Appwrite Security Vulnerabilities and Issues — Appwrite CVE List

AppwriteAppwrite

5 matches found

CVE•added 2024/02/22 12:0 a.m.•3845 views

CVE-2022-25377

Summary : Multiple sources (Red Hat, Veracode, OSV, GHSA, NVD mirrors) confirm a directory-traversal flaw in Appwrite’s ACME-challenge endpoint. Affected versions : Appwrite 0.5.0 through 0.12.x before 0.12.2. The vulnerability requires the path APP_STORAGE_CERTIFICATES/.well-known/acme-challenge...

7.5CVSS6.6AI score0.00139EPSS

CVE•added 2022/02/16 5:5 p.m.•81 views

CVE-2021-23682

Prototype pollution vulnerability in litespeed.js (

9.8CVSS8.3AI score0.05384EPSS

CVE•added 2023/03/31 12:0 a.m.•64 views

CVE-2023-27159

Appwrite

7.5CVSS7.2AI score0.76972EPSS

In wild

CVE•added 2022/09/09 5:25 a.m.•54 views

CVE-2022-2925

CVE-2022-2925 relates to Appwrite: stored XSS vulnerability in the Appwrite server prior to 1.0.0-RC1. Affected components include usernames, function names, storage bucket names, and database collection names. Root cause described in public advisories as improper input handling leading to stored...

9CVSS5.6AI score0.00348EPSS

CVE•added 2024/01/30 9:20 a.m.•38 views

CVE-2024-1063

The issue is an SSRF in Appwrite via /v1/avatars/favicon visible in multiple sources. Affected product: Appwrite versions up to 1.4.13; root cause linked to an incomplete fix of CVE-2023-27159. Impact described as potential access to internal resources and data via crafted requests. Remediation: ...

7.5CVSS7.5AI score0.76972EPSS