Vulnerabilities > Arangodb

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-09	CVE-2021-25939	Server-Side Request Forgery (SSRF) vulnerability in Arangodb In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a Foxx service from a publicly available URL. network low complexity arangodb CWE-918	4.0
2021-11-16	CVE-2021-25940	Insufficient Session Expiration vulnerability in Arangodb In ArangoDB, versions v3.7.6 through v3.8.3 are vulnerable to Insufficient Session Expiration. network arangodb CWE-613	6.0
2021-05-24	CVE-2021-25938	Cross-site Scripting vulnerability in Arangodb In ArangoDB, versions v2.2.6.2 through v3.7.10 are vulnerable to Cross-Site Scripting (XSS), since there is no validation of the .zip file name and filtering of potential abusive characters which zip files can be named to. network arangodb CWE-79	4.3

Vulnerabilities > Arangodb {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Arangodb"}]}