Vulnerabilities > Codesys > Development System > 3.5.16.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-02 | CVE-2021-21865 | Deserialization of Untrusted Data vulnerability in Codesys Development System 3.5.16.0/3.5.17.0 A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone() functionality of CODESYS GmbH CODESYS Development System 3.5.16. | 7.8 |
| 2021-08-02 | CVE-2021-21866 | Deserialization of Untrusted Data vulnerability in Codesys Development System 3.5.16.0/3.5.17.0 A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. | 7.8 |
| 2021-05-04 | CVE-2021-29240 | Unspecified vulnerability in Codesys Development System The Package Manager of CODESYS Development System 3 before 3.5.17.0 does not check the validity of packages before installation and may be used to install CODESYS packages with malicious content. | 7.8 |
| 2021-05-03 | CVE-2021-29241 | NULL Pointer Dereference vulnerability in Codesys products CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS). | 7.5 |
| 2021-05-03 | CVE-2021-29239 | Insufficient Verification of Data Authenticity vulnerability in Codesys Development System CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files embedded in libraries without first checking their validity. | 7.8 |