I Librarian Security Vulnerabilities and Issues — I Librarian CVE List

Lucene search

I-librarianI Librarian

3 matches found

CVE•added 2017/11/17 4:29 a.m.•48 views

CVE-2017-1000237

I, Librarian version

9.8CVSS9.4AI score0.00457EPSS

CVE•added 2018/03/23 9:29 p.m.•48 views

CVE-2018-1000138

I, Librarian version 4.8 and earlier contains a SSRF vulnerability in "url" parameter of getFromWeb in functions.php that can result in the attacker abusing functionality on the server to read or update internal resources.

9.1CVSS8.9AI score0.00286EPSS

CVE•added 2018/03/23 9:29 p.m.•43 views

CVE-2018-1000141

I, Librarian version 4.9 and earlier contains an Incorrect Access Control vulnerability in ajaxdiscussion.php that can result in any users gaining unauthorized access (read, write and delete) to project discussions.

9.1CVSS9.1AI score0.00307EPSS