Vulnerabilities > Duraspace

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-01	CVE-2022-31190	Incorrect Authorization vulnerability in Duraspace Dspace DSpace open source software is a repository application which provides durable access to digital resources. network low complexity duraspace CWE-863	5.3
2021-10-29	CVE-2021-41189	Incorrect Authorization vulnerability in Duraspace Dspace 7.0 DSpace is an open source turnkey repository application. network low complexity duraspace CWE-863 critical	9.0
2019-01-28	CVE-2019-6986	Resource Exhaustion vulnerability in Duraspace Vitro 1.10.0 SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service (ReDoS), as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request. network low complexity duraspace CWE-400	7.5
2018-07-10	CVE-2016-10726	Path Traversal vulnerability in Duraspace Dspace The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI. network low complexity duraspace CWE-22	5.0

Vulnerabilities > Duraspace {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Duraspace"}]}