Lucene search
MonospaceDirectus
2 matches found
CVE-2022-26969
In Directus before 9.7.0, the default settings of CORS_ORIGIN and CORS_ENABLED are true.
9.8CVSS9.4AI score0.00115EPSS
CVE-2022-36031
Directus is a free and open-source data platform for headless content management. The Directus process can be aborted by having an authorized user update the filename_disk value to a folder and accessing that file through the /assets endpoint. This vulnerability has been patched and release v9.15.0...
6.5CVSS6.5AI score0.00073EPSS