Total
11 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-4686 | 1 Usememos | 1 Memos | 2024-02-04 | N/A | 9.8 CRITICAL |
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.0. | |||||
CVE-2022-4802 | 1 Usememos | 1 Memos | 2024-02-04 | N/A | 5.4 MEDIUM |
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4799 | 1 Usememos | 1 Memos | 2024-02-04 | N/A | 6.5 MEDIUM |
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4734 | 1 Usememos | 1 Memos | 2024-02-04 | N/A | 4.3 MEDIUM |
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-25978 | 1 Usememos | 1 Memos | 2024-02-04 | N/A | 6.1 MEDIUM |
All versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient checks on external resources, which allows malicious actors to introduce links starting with a javascript: scheme. | |||||
CVE-2022-4798 | 1 Usememos | 1 Memos | 2024-02-04 | N/A | 5.3 MEDIUM |
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4803 | 1 Usememos | 1 Memos | 2024-02-04 | N/A | 8.8 HIGH |
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4609 | 1 Usememos | 1 Memos | 2024-02-04 | N/A | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0. | |||||
CVE-2022-4812 | 1 Usememos | 1 Memos | 2024-02-04 | N/A | 6.5 MEDIUM |
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4811 | 1 Usememos | 1 Memos | 2024-02-04 | N/A | 5.4 MEDIUM |
Authorization Bypass Through User-Controlled Key vulnerability in usememos usememos/memos.This issue affects usememos/memos before 0.9.1. | |||||
CVE-2022-4806 | 1 Usememos | 1 Memos | 2024-02-04 | N/A | 5.3 MEDIUM |
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. |