Lucene search

Caret Security Vulnerabilities

cve

CVE-2019-9927

Caret before 2019-02-22 allows Remote Code Execution.

9.8CVSS

9.6AI Score

0.014EPSS

2019-03-22 08:29 AM

cve

CVE-2020-20269

A specially crafted Markdown document could cause the execution of malicious JavaScript code in Caret Editor before 4.0.0-rc22.

9.8CVSS

9.4AI Score

0.011EPSS

2021-01-26 06:15 PM

cve

CVE-2022-42967

Caret is vulnerable to an XSS attack when the user opens a crafted Markdown file when preview mode is enabled. This directly leads to client-side code execution.

9.6CVSS

8.9AI Score

0.002EPSS

2023-01-11 01:15 PM